A ZDNet article entitled Cloud computing: Four reasons why companies are choosing public over private or hybrid clouds makes a case for the value of the public cloud.
- Innovation comes as standard with the public cloud
- Flexibility provides a business advantage
- External providers are the experts in secure provision
- CIOs can direct more attention to business change
This is all good – or mostly good.
The caveat is that the use of the cloud can fail if a business adopts the cloud without thinking it through from the perspectives of mission criticality, security, privacy, and continuity. If a business runs mission critical systems in the cloud, and that system fails, the business could be out of business.
The IT Manager no longer has to consider day to day issues around keeping software and security up to date. But they still have to consider higher level issues.
It is important to understand what the needs are for the situation at hand. A system that is not mission critical, or does not contain sensitive information, for example, would not require as much scrutiny as a system that runs an e-commerce site.
Issues to consider include:
- how mission critical the system is
- what the consequences are of a short term and long term outage
- how confidential or personal the information is in the system
- can the information be encrypted in transit and at rest
- how robust the vendor’s continuity plan is
- the need for the business to have its own continuity plan – such as a local copy of the data
- how robust the vendor’s security is
- does the vendor have third party security validation to accepted standards
- does the vendor’s agreement have provisions that back these issues up with contractual terms and service levels with meaningful remedies