Cloud computing has become one of the most talked about buzzwords of recent years, yet surprisingly few people understand what it means. What are the benefits, what are the challenges and how easy is adoption? Julian Dyer, Chief Technology Officer at Cobweb - the biggest independent Hosted Exchange provider in Europe, explains...
It's become apparent that tight budgets and limited in-house skillsets have increased the appetite for utility pricing, flexibility and customisation benefits found with hosted IT services. So, whilst some apprehension around cloud computing still exists, credibility and adoption of the cloud is set to soar.
However, there are barriers to this growth. Security in the cloud is still a key concern, elevated by scare stories in the media. Therefore it's critical that providers are transparent with their security protocols and service level agreements, producing clear evidence of a secure and reliable service.
The geographic location of data storage also has an impact on buying decisions and organisations need to be aware of the USA PATRIOT Act, set up in response to the September 11 terrorist attacks. The Act permits American authorities to search business records and could ultimately compromise the security and confidentiality of company data. This violates UK data protection laws and only a true EU/UK-owned cloud provider would be protected from this. It's essential therefore that organisations verify the location of registered offices and all data centres, as American-owned companies - or even subsidiaries with data held within the EU - could be bound by the Act.
Adopting the cloud
Understanding risks associated with the cloud, combined with the evaluation of an external supplier and its services, is crucial to a smooth adoption process. However, this can be overwhelming to an overstretched IT department, so to truly benefit from a cloud-based solution, there must be a clear IT strategy in place. Clear communication and project management will help define expectations for both parties as well as supporting decision-makers. If risks cannot be explained and quantified, benefits like cost savings will become secondary as organisations revert back to low-risk options.
Securing a cloud-based service
Organisations expect a high standard of security from cloud adoption; however, many cloud providers are sensitive about sharing the full extent of their secure environment. The reasons for this are clear: detailed knowledge of a firewall structure, server configuration or locations could potentially influence an attempt to compromise the very security that was put in place to protect them.
Regular third-party penetration testing can be expensive, so an acceptable way of validating the security procedures of a cloud provider is external auditing under ISO 27001. This internationally-recognised standard is a framework of policies that include all legal, physical and technical controls involved in the provider's information risk management process and ensures a suitable structure is in place to achieve the necessary security levels. To understand the extent to which the standard is applied, organisations should ask if there are any exceptions relating to the services they wish to adopt.
Password management is another area that needs consideration, as many cloud services depend on password authentication, adding to user frustration. Cloud providers should support authentication requirements and work effectively with an organisation's internal IT support to resolve user issues.
The future is bright
Looking ahead, cloud computing will change the way IT is delivered for all categories of businesses. User impact may be almost unnoticeable, proving that user inertia should not be a factor in cloud adoption. Cloud services have the potential to drastically alter the way business consume IT and if this change is effective at bringing improved productivity and reduced costs, the future of Cloud powered IT is indeed bright.
Julian Dyer, Chief Technical Officer, Cobweb
Contact Us:
www.cobweb.com [1]
marketing@cobweb.com [2]
Tel - 0845 207 0708.