Everyone is still talking about Cloud Services, and many organizations are making decisions on whether to put systems and data into the cloud or leave it in their own data center.
Let me tell you a little story. Ever have an internet connection from an ISP, which came with an email address from them? I think we all have and many still do, and nothing wrong with that. At some point though, some of these ISP companies passed all the management of these email addresses to Yahoo, where they became standard, free (advertising-supported) Yahoo webmail addresses in all but name – run on Yahoo servers, with the Yahoo front end. When the ISP Internet contract ended, the ISP email service carried on at Yahoo.
All this was fine until the ISP informed many customers that it would close the account and delete all the mail, contacts, etc. from a certain date unless they started to pay them money per month for a premium mail service - which they don't want.
So the question comes up who owns that data? Can they keep your data for ransom to get more fees from you? How hard will it be to move all your data to another service? Email is just one example of many scenarios. How about another potential - the cloud service provider goes out of business. Where is all your data now, and is it business critical data?
IT is the steward of the company data, but the business still owns that data. The business has to understand and assume some of the risk. My suggestion always is that IT still owns the backup of that data, even in the cloud. There are solutions out there that would pull down some of that data to your data center for safe keeping. You can't outsource your regulatory responsibility of the security of the data and availability.
Proceed with caution. Understand your new cloud partner, ensure your have all your questions answered and you clearly understand ownership of the data, backup of the data, and availability. Do the due diligence necessary to ensure you have a positive experience and get the results you are looking for.
Perhaps, your core systems and critical data is better left right in your own data center or private cloud. Develop a strategy that includes cloud, but where appropriate and at the right risk level.
Keep it Positive!
Scott Arnett
www.arnettservicesgroup.com
About Me
- Scott Arnett
- Scott Arnett is an Information Technology & Security Professional Executive with over 30 years experience in IT. Scott has worked in various industries such as health care, insurance, manufacturing, broadcast, printing, and consulting and in enterprises ranging in size from $50M to $20B in revenue. Scott’s experience encompasses the following areas of specialization: Leadership, Strategy, Architecture, Business Partnership & Acumen, Process Management, Infrastructure and Security. With his broad understanding of technology and his ability to communicate successfully with both Executives and Technical Specialists, Scott has been consistently recognized as someone who not only can "Connect the Dots", but who can also create a workable solution. Scott is equally comfortable playing technical, project management/leadership and organizational leadership roles through experience gained throughout his career. Scott has previously acted in the role of CIO, CTO, and VP of IT, successfully built 9 data centers across the country, and is expert in understanding ITIL, PCI Compliance, SOX, HIPAA, FERPA, FRCP and COBIT.
No comments:
Post a Comment