The buzzword at the minute in computing circles is cloud, and while many are jumping on the bandwagon, there are many who don’t have a clue what it actually means. Commissum have stepped forward to explain all the different issues surrounding cloud computing, and to highlight all the benefits that it can bring to small companies.
Mention cloud computing to SME clients as a viable solution for managing their services more cost effectively, the most common response is “but what about the risks of trusting our information to a third party?” Commissum firmly believe that many of the issues that are being raised concerning cloud computing are nothing new and it should be seriously considered in all relationships with the different service providers.
It does advise however that some considerations should be made in certain circumstances and each decision be reached by its benefit to the client. By using cloud computing, organisations have the opportunity to contract the service providers to provide platforms, infrastructure and most of all software. These services in turn enable network access on demand to the shared pool of resources.
These resources include the likes of servers, networks, applications, storage and other services. These are provided and in turn released with the minimum effort required by management or interaction with the service provider. The big advantages of scalability combined with reducing overheads and the flexibility clearly allows organisations to focus more on other core functions and worry less about the IT side.
Most companies have policies and processes in place to deal with commercial relationships with IT service providers. Although these policies and processes will equally work well with cloud services many still do not sufficiently cover the risk related to the security of information.
Applications which are to be provided by a cloud service require the same risk assessment considerations as those provided by a traditional service provider.
What if the solution is:-
· failing to deliver the required business value;
· not performing to the levels agreed;
· not integrated with the existing in-house services;
· unavailable and causes delays and reputational damage;
· suffered from breaches in integrity and confidentiality of information.
But commissum’s (http://www.commissum.com/) Principal Assurance Consultant André Coner suggests that the following considerations specific to cloud computing should he added:
· Maturity of the cloud service provider and service provider on-going concern issues;
· Complexity of compliance with laws and regulations;
· Legal issues around liability and ownership relating to different hosting countries;
· Storage of personally identifiable information in other countries;
· Consider the much greater dependency on third parties and reliance on external interfaces;
· Greater reliance on Internet connectivity;
· Security issues of public, community and hybrid cloud environments;
With 20 years of experience, commissum is adept at offering practical advice and recommending cost-effective solutions, to deliver a joined-up, coherent approach to protecting an organisation’s information assets.