Cloud Computing: Friend or Foe?
By: Ali Gomulu
The benefits of moving more and more to the cloud are now proven. What do IT teams need to know when contracting with cloud service providers and the communications service providers delivering access and transmission services?
The first key to success is thinking long term and planning optimistically for years of great service; also, when contracting with cloud providers, it’s wise to leave room for making a switch if necessary, or at least renegotiating service level agreement terms.
The second key to success is understanding security, particularly in a multi-cloud environment; ensuring corporate data and systems are protected from cyberattacks, intentional or accidental data loss internally, and threats from external actors are also critical.
While the cloud computing market is generally controlled by tech giants like AWS, Microsoft and Google, there are many smaller, more local providers, and a good number of competitive, often vertical industry niche providers.
Here are five recommendations, or questions to post to cloud service providers:
Understand Your Business Goal
Come to the table with tangible, measurable expectations. This may seem obvious, but often the notion of moving certain compute needs to the cloud is driven from higher-ups – for example, we need to save money, we need to make sure we can scale, we need to support digital transformation initiatives.
Clarifying your specific requirements and expectations in advance of assessing and then spending time with providers ensures you are comparing them against real-world requirements, including security.
Ask Critical Questions of Every Potential Provider
Don’t be afraid to ask for references, even from the largest providers. Ask for use cases, ask for performance data, ask for economic results (“ROI” and “TCO”). Ask about their certifications & standards and request their full range of technologies, including those on future roadmaps.
When it comes to security, ask specifically about their data integrity measures, data governance and ability to meet the standard and your own business policies. Make sure they are accredited with certifications including ISO 27001 and other compliance indicators, including government regulations.
Ask for Detailed Information on Their Partnerships
With so much integration, APIs, and general partnering associated with the cloud make sure you understand exactly what the cloud service provider is delivering, vs. their partners, and understand how that might impact your SLAs, contracts and other commercial terms and remedies.
Be Upfront about Vendor Lock-In
One of the biggest surprises coming from cloud service providers over the last decade has been fees associated with switching out of their services to another provider. As the cloud computing landscape becomes increasingly competitive, you can negotiate terms but should do so upfront, so the relationship is healthy from the start.
Ask about your options, and don’t be afraid to negotiate.
Ask for Financials & Other Business Health Indicators
You may find that a niche player provides the best option, perhaps because they understand your industry better than the tech giants. Or, you may find smaller, more local providers are more flexible when it comes to terms.
That’s great, but make sure your cloud compute provider has a track record of stability, a strong balance sheet, and enough capital to operate for years and even decades to come. Ask about any past legal issues, and make it clear your decision will be based on due diligence. Strong providers will respect your professionalism and approach.
In short, it’s important to get a “360” view of the contenders for your business, including technical and business capabilities, in addition to the less tangible “soft factors”, for example, trust and cultural compatibility.
And in summary, there is no cloud service provider worthy of your trust if security is not a forethought and a critical part of their technology roadmap.
While we all instantly understand the motivation for cyber criminals to steal data from financial services companies, retailers, and other transaction-related businesses, it’s less obvious why healthcare is one of the top targeted industries when it comes to security breaches.
When the Covid-19 pandemic began, organizations across all industries were forced to go digital, which unfortunately led to a boom-time for potential cybercriminals. Reports of cybercrime shot up by almost 70 percent in the US compared to 2019, as the lockdown created an ideal environment for cybercriminals, with phishing and ransomware remaining the most common approach, accounting for 33 percent of cyberattacks.
Reports of cybercrime shot up by almost 70 percent in the US compared to 2019, as the lockdown created an ideal environment for cybercriminals. However, phishing and ransomware remained the most common approach, accounting for 33 percent of all cyberattacks.