Don’t fall for the hype, rather focus on the facts. The cloud delivers excellent advantages for most businesses, but there are a few things worth knowing before taking the leap. These are our top 7 things which, when you know them, should make a migration to cloud trouble-free, safe and secure.
Does your industry have specific compliance requirements?
Many industry associations or governing bodies are still playing catch-up with their recommendations on using cloud services. While the Australian government has the luxury of a dedicated department for vetting and approving cloud usage, the rest of us need to do our homework. Industries like financial services, health and others are subject to restrictions from their governing bodies, like the Australian Prudential Regulation Authority or the Australian Medical Association. In other cases, fulfilling or supplying contracts on behalf of others may imply limitations such as those from the Federal Government or an overarching law like the new Privacy Act. Before going cloud, know what, if any, regulations apply to you – and how to satisfy those requirements.
Who owns my data?
The importance of knowing who owns your data cannot be stressed enough. Do not neglect to check not only where ownership is vested, but also who can access your data and what can they do with it. For example, free Google email permits the company to use your messages to deliver targeted ads. In other cases, you might own your data – but how readily can you export it or back it up? Knowing the answers to these questions provides the necessary certainty for a valuable asset.
Where exactly is my data?
While some may think it doesn’t matter where, precisely, your information is stored, that isn’t quite the case. Data sovereignty matters, particularly with sensitive information you may hold which belongs to your customers. Knowing where the data centre is in which your information is stored can be important to be on-side with any applicable laws or regulations. An easy rule of thumb is to choose locally domiciled cloud services. Don’t know? As your service provider. Remember, too, that with the rise of laws such as the USA’s Patriot Act, your data hosted in that country may be accessed even without your knowledge or consent.
Who is responsible for your data?
There are many layers to cloud services; understanding how your data could be affected is crucial to understand any risk implications. Notably, not all cloud providers control all of the access to your data. The normal assumption is that whoever you signed up with has strict controls in place to restrict third parties. However, if the provider of a cloud application uses a third-party data centre, control of your data can fall into unknown (to you) hands. Such interdependencies can also have consequences: if the application provider doesn’t pay its suppliers, your data could be held captive.
Is the data centre compliant and certified?
We’ve previously noted that not all data centres are created equally. It is in your interests to know not only where any new application or service is hosted, but also to gain insight into the quality of the data centre itself. Your IT partner can provide the necessary advice and assurance – but what you are looking for is Uptime Institute Tier rankings, or accreditation from the Telecommunications User Institute. Smaller IT firms which have created their own datacentres might not have any certification quantify how good (or bad) their facility is.
Knowing the standard of the datacentre is almost like ensuring your next restaurant has been approved by the Food Department. Would you want to eat there if it hadn’t?
What bandwidth overhead is required?
Australia faces an uphill battle when it comes to fair and equal internet access. Before getting caught up in the excitement of moving to the cloud, know what kind of connectivity you can get – and what kind of connectivity is required for adequate cloud service performance. That will depend on the type of services you require – and also on how many services and users will be running concurrently. Poor performance will deliver very little advantages; for some services, like voice over IP, inadequate performance will render the service useless.
What’ the Service Level Agreement?
Just because a service is in the cloud doesn’t mean it will always be available. Even the best systems need maintenance – and if something goes wrong, you need to understand how long it might take for a fix. Many services have a service level agreement (SLA) which sets these details out – knowing what the SLA is means the ability to understand any risks your business may face.
SLAs should extend to your internet connection, too. After all, with cloud services, you depend on that connectivity to keep things working. Some SLAs include rebate or refund clauses; others, for particularly crucial services, can even include punitive damages for fixes which take longer than agreed.
Signing up for services which don’t have an SLA (or on which the SLA is skewed to the vendor) can put your business at risk. With your IT solution provider’s help, be sure to know what the SLAs are for any important services.
With a basic understanding of these 7 elements, your business can move to the cloud with minimal risk, while maximising the benefits you can gain – and if the cloud is right for your company, the benefits are substantial.