Cloud Computing: Cloud Adoption and Risk Analysis

October 21, 2011 Off By David
Grazed from FormTek.  Author:  Dick Weisinger.

Cloud computing means moving your company data from your own servers to servers in a remote site that are managed by a cloud vendor.  There are big advantages to using the cloud, but survey after survey has shown that the main factor  holding back organizations from using the cloud are concerns about the security of their data.  But if organizations don’t use the cloud, what are the alternatives, and are those alternatives really any safer than what the cloud can offer?…

Many small and medium sized companies are coming to the conclusion is that selecting a well-vetted cloud provider may ultimately be the best option for managing and securing their data.  It’s almost impossible today for companies to do business without connecting some part of their data to the internet, and any connection to the outside world can provide intruders a pathway to company servers and the data that those servers hold.  Increasingly, small and medium sized companies, especially those without dedicated IT departments,  are seeing the cloud as a more secure option than what they could create themselves.

The cloud vendor has the advantage of scale and the luxury of focusing on IT as a company core competency, which typically translates to better process, better trained IT staff, and lower cost than what most smaller companies would be able to provide.  Small and medium sized companies are becoming aware of the advantages.  Roy Boggs of IDC in a Wall Street Journal article on the cloud notes that over the last 18 months, the number of SMBs that have moved to the cloud has more than doubled.

Jim Reavis of Cloud Security Alliance, says in that same WSJ article that ”small and medium businesses are insane not to leverage the advantages of cloud computing.  It ends up being almost in all cases a security upgrade because they can’t otherwise afford the practices.”   The article also quotes an Amazon Web Service spokesperson who notes that cloud vendors have the advantage of IT specialization that ”allows them to significantly make investments in security policing and countermeasures that almost any company, large or small, could not afford themselves.”

But there is a strong need for due diligence on the part of customers before signing up for cloud services.  Customers must understand their own requirements and the potential risks, and they must be able to negotiate and define the terms of a service level agreement (SLA) with their provider.  And the cloud provider in turn must be transparent enough to allow customers the ability to monitor their services to ensure that the terms of the SLA are being met.

CategoryNews