Now that “the cloud” has reached mainstream media with Microsoft’s “To the Cloud” marketing campaign, I felt it was time to address the risks and rewards of this next evolution of the Internet. In a nutshell, the cloud is Internet-based computing that enables the sharing of resources, software, and information. A commonly used analogy is the electricity grid which supplies power to our homes and businesses.
To really see the comparison, it helps to look back to the 19th century when companies were responsible for generating their own power. It took insight, money and effort for the modern utility grid to be built and integrated into our businesses (cf. The Big Switch by Nicholas Carr). Now that it has been in use for several generations, we only think about the complexities and risks inherent in centrally supplied power when we lose it. For people living in modern cities, this is a rare occurrence that’s usually due to natural events.
However, this analogy starts to break down when you look at the issues facing businesses that are trying to make the decision of whether to move their services and data into a centrally-managed computer network shared by their competitors. Unlike the electric grid, the cloud is a 2-way street where valuable assets are moved outside the control of the business. A few of the issues that must be addressed include business continuity, security, privacy, and compliance. Given the advantages that utility computing brings, businesses are rapidly adopting the Cloud and these issues are receiving attention by researchers, policymakers and entrepreneurs.
At Knowmad, the work we do is naturally part of the cloud. For over eight years, we’ve been building and deploying websites for our clients and ourselves. We have worked with clients to move data between their website and the backoffice to facilitate e-commerce or support customers.
In addition to supporting our clients, we also run most of our business over the Internet. We take the proper precautions and do the necessary maintenance to provide us the level of trust we need to enure that we have addressed the issues surrounding Web technologies. As we adopt new solutions for maximizing our time and efforts, we have starting using hosted services such as Basecamp, Liquid Planner and BitBucket.
So, what do we look for when evaluating a potential cloud solution?
1. Trusted vendor – BBB accreditation, well-known company, online reviews, and customer testimonials
2. Open standards – can we get our data back out if we decide to leave? can we get backups of our data from their systems?
3. Security – how does the vendor address security of our data? do they have a good track record? do they use external auditors (e.g., Sas70)
4. Privacy – how is our personal information used by the vendor?
In addition to qualifying our service providers, we also take measures to reduce our risk such as 24×7 service monitoring, off-site backups, alternative stand-by solutions, and limiting our exposure (e.g., we do not place sensitive information that isn’t encrypted into Cloud environments and maintain original copies of files shared through services such as Basecamp).
Like it or not, there’s no doubt that this model of cloud computing will continue to grow. The benefits it brings often outweigh the risks. However, it warrants continued vigilance while the systems, processes, protocols and laws are put into place to fully address the risks. For now, it is necessary to evaluate each piece of your business that you are considering moving to the cloud to think through the ramifications and options for managing risk.
How confident are you in putting your business into the Cloud?