Any enterprise that has not yet begun to think of a cloud strategy may soon be left behind. The temptation to put things on/in the cloud and sit back can be extremely compelling. But like everything that appears too good to be true, cloud computing comes with a set of risks and its important to understand them and find safer routes to achieving cloud computing.
While some organizations have successfully moved part or all of their information assets into some form of cloud computing infrastructure, the large majority still haven't done much with this choice.
Here are some pointers as to what you should think about, when adopting a cloud strategy.
Access to your data: The physical, logical and personnel controls that were put in place when the data was in-house in your data center are no longer valid when you move your organization's information on the cloud. The cloud provider maintains its own hiring practices, rotation of individuals, and access control procedures. It's important to ask and understand the data management and hiring practices of the cloud provider you choose.
Where you data is located: You may be surprised to know that your data may not be residing in the same country or city as your organization. While the provider may be contractually obliged to you to ensure the privacy of your data, they may be even more obliged to abide by the laws of the country in which your data resides. So your organization's rights may get marginalized. Ask the question and weigh the risk. Data loss and recovery: Data on the cloud is almost always encrypted. This is to ensure security of the data. However, this comes with a price - corrupted encrypted data is always harder to recover than unencrypted data. It's important to know how your provider plans to recover your data in a disaster scenario and more importantly how long it will take. The provider must be able to demonstrate standard scenarios for data recovery in a disaster scenario.
Availability of data: The cloud provider relies on a combination of network, equipment, application, and storage components to provide the cloud service. If one of these components goes down, you won't be able to access your information. Therefore, it is important to understand how much you can do without a certain kind of information before you make a decision to put it on the cloud. If you are an online retailer, and your customer order entry system cannot be accessed because your application resides on the cloud that just went down, that would definitely be unacceptable.
Cloud is still very new to enterprises and through trial and error and more user experience; it will mature to a more stable and ‘safe’ technology. As always, time will unveil the true nature and potential of the cloud world.