The cloud is the limit, or isn't it
Cloud based computing is really taking off as of late and while most of the cloud based offers seem to be a really good deal and can certainly benefit some organizations I am still a bit skeptical about the whole thing. For any business data is one of the most important things within the organization. What would happen if the integrity of this data was lost, was stolen or is simply not available due to an internet connection being down?
While it certainly gives some peace of mind to have your data stored and taken care of by someone else there are a few things you should know before considering a cloud based solution. Imagine if your data is compromised or stolen on a network that is not your own, you are the one telling your customers that their personal information lies on the streets and you are the one losing business, not your cloud provider. When considering a cloud based solution ask yourself the following questions to determine if a cloud based solution is really what you need.
What assets of data are worthwhile storing in the cloud?
It might not be a good idea to store your most sensitive data in the cloud. Carefully analyze your data and split it up in categories of data sensitivity. After you have done this think about what categories can be considered for cloud based storage.
Where is your data stored and who has access to it?
Consider where your data is stored. Different countries or states have different laws, if your data integrity is breached it is more than likely you will get sued by your (former) customers. In some situations data hosted in another country or state is subject to local law keep this in mind when considering a cloud provider.
Another important thing to remember is that in the cloud other people than your own employees have access to your corporate data. Ask a cloud provider who will have access to your data. If data is encrypted (which it most likely is) who has access to the decryption keys? Ask them if they screen their administrators and other employees upon hiring, what measures are in place to control their access and what the protocols are if such employees abuse their access rights.
What about data availability?
Remember that when using a cloud based solution there are more parties involved to get to your data than just your own corporate network. Your ISP, the cloud provider and multiple parties on the internet that you do not control. Ask yourself what will happen if your internet connection goes down, will you still be able to do business? You might want to consider a service level agreement with the service providers that are directly responsible for your internet connections as if they go down your data will not be available.
What about disaster recovery?
All of us hope the worst thing never happens but it is still important to know about the measures in place before disaster strikes. Ask how backup is taken care of, is your data replicated to multiple locations, can your provider fully recover your data in case of a disaster and how much time will this recovery take them? Remember if your data is not available you are not able to do business and ultimately lose money.
Think ahead!
Think some years ahead. What happens if your cloud provider closes its doors or goes bankrupt? Will you have the possibility to gain access to your data, is there an easy way to migrate the data to your own servers or to another cloud based provider? And does your current or future provider offer tools to achieve such migration tasks in a simple way without any lose of your corporate data.
This are just some of the most common questions you can ask yourself and your future or current provider when you are considering a cloud based solution for yourself or your company. Luckily most big hosting providers have decent answers to the above mentioned questions and even offer specialized solutions might you require them, if they do not I highly recommend looking for someone else instead.
Tags:
security
and cloud-computing
