Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Look and listen before leaping to the cloud

Shannon Smith | July 13, 2011
Understand the evolving risks and liabilities of the cloud.

Steady growth in the cloud services sector reflects the rapid pace at which companies are moving all or portions of their computing, applications and data storage requirements to this emerging destination. According to Gartner, the industry is poised for strong growth through 2014, when worldwide cloud services revenue is projected to reach $148.8 billion.

This groundswell of enthusiasm for cloud computing is not unwarranted as the benefits are extremely compelling. The opportunity to reduce IT costs dramatically as well as boost operational efficiency, corporate collaboration and business agility are major drivers. Additionally, emerging service options offer a plethora of choices, encompassing infrastructure-as-a-service (IaaS), as provided by Amazon web services, Rackspace, Nirvanix and others; platform-as-a-service (PaaS), by outlets including Microsoft Azure and Google Apps; and software-as-a-service (SaaS), from such providers as Salesforce.com and CaseCentral.

Early adopters of cloud technologies have viewed the migration as a business imperative, despite the potential dark lining of service outages and exposure to security and privacy risks. It's clear, however, that cloud service providers understand the initial hesitation that companies are experiencing in trusting crucial information assets to them and they continue to work diligently to assuage concerns with stringent service-level agreements (SLAs) addressing uptime, privacy and security.

Headline-grabbing stories about Intuit's and Google's recent prolonged service outages only reinforce that disruptions in the cloud can and will occur, which means that service quality and data availability will persist as front-and-centre issues. While encryption remains the baseline for securing data when moving to the cloud, there are other questions that should be asked about how data is migrated and accounted for as well as additional risks that must be addressed before entering into a relationship with any cloud service provider.

There's also a set of equally important issues starting to surface in conversations about cloud-related risks. While they may not be grabbing headlines yet, there are far-reaching ramifications, which necessitate ongoing discussions and concerns. Savvy IT leaders are beginning to understand they must look beyond the "big three"-outages, privacy and security-when weighing cloud computing risks. Now more than ever, careful evaluation and forming partnerships with other organisational stakeholders are essential for understanding and mitigating risks relating to records management, eDiscovery, jurisdictional issues and exit strategies.

Records management: Data retention & destruction

One of the overarching benefits of moving information to the cloud is the opportunity to greatly simplify and streamline data management. To date, companies have focused on ensuring data integrity and availability, but haven't spent much time considering the requirements of information retention and destruction.

This area requires collaboration between corporate IT and legal departments to understand and articulate specific data keeping and disposal needs, especially since the contracts of many cloud service providers are standard cookie-cutter agreements. Also, remember that cloud providers are in the business of collecting data, not purging it. They make it extremely easy to add capacity, which encourages organisations to keep everything. The topic of data destruction often doesn't come up, but it should.

 

1  2  3  4  Next Page 

Sign up for CIO Asia eNewsletters.