Tuesday 9 September 2014

Basis of cloud selection - Security, Risk, Legal and Cost


Taking our discussion further about parameters to select right cloud solution provider, we would discuss four parameters in detail namely Security, Risk, Legal compliance and cost.

  • Security
By its nature, an attack on a Cloud service can affect a huge number of people at once. The level of security/protection than your current environment has always been the highest concern with the adoption of cloud services. This extends to the concerns about the credibility of the third party audit reports on their security. Network security, Data protection and application security are the top priorities. Hence if the cloud can provide secure services this could be the biggest advantage and the growth driver. (SAVVIS, 2014)

  • Risk
The risk taking ability of any organization becomes another deciding factor behind the adoption of cloud services. It leads to the decision on amount of resources/mission-critical data that the organization can keep off-premise. This parameter would lead to the calculation of the likelihood of bankruptcy / likelihood of failure / likelihood of negligence. This can be used to understand who will be accountable and what the cost of downtime greater than the savings, will be achieved by moving to the cloud. This will make a big difference when up against a risk averse culture. (bmcsoftware, 2014)

  • Legal
Does a cloud environment meet compliance requirements (HIPPA, CJIS, PCI, retention, SOX, etc.) that your current environment does not support or would otherwise be too expensive to build? It is good to ask following questions while choosing the cloud provider.
  • Who owns the data?
  • What’s your access to the data?
  • Does it comply to government and other regulatory bodies?
Most providers will provide auditable information that their systems and servers meet compliance standards but the accountability is generally on the customer to report and prove compliance to a governing agency or standards. Cloud service providers will generally not indemnify customers when it comes to the customer’s lack of compliance (bmcsoftware, 2014).

  • Cost
The profits and the cost savings that can be made by availing the cloud services have to be analyzed and thus foreseen significant net savings to the organization over 5-10 years can be calculated. Considering the opportunity costs with the cap-ex while the op-ex is being foreseen is important. One can factor the costs to organization (people, energy, space, insurance, downtime, training, etc.) Cost estimation is mandatory process and the market research shall reveal the trends.

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)