Blogger Widgets

Total Page visits

Tuesday, March 19, 2013

Top 10 Issues Eroding Cloud Confidence






1. Government Regulations Not Keeping Pace With The Market

The survey said that businesses must pay significant amounts of money to meet regulatory requirements, while putting up with the limits regulators place on tech innovation. It's critical for government and regulators to adopt a regulatory stance that enables, rather than limits, adoption of the cloud. 

"Right now government regulations in countries around the world are in their infancy," Santos said. "When it comes to cloud standards, development organizations are working hard to determine cloud and security issues. But a lot of it hasn't really been covered." 

2. Exit Strategies

Many issues that arise in the business world also affect companies interested in working in the cloud. Among such issues worrying cloud users or those considering working in the cloud is having a strategy to end a relationship if a cloud partner falters. 

"How do you terminate a relationship with a cloud provider?" Santos asked. "How do you get out of that relationship? If you can't get out, you may be stuck with [unworkable] contracts or SLAs." 

3. International Data Privacy

A slew of differing privacy requirements and laws around the world addressing how data needs to be protected represent real concerns for cloud users, the survey said. Multiple regulations can represent maddeningly complex requirements for businesses. 

"For one example, if you work with a cloud provider and it has a subcontractor in the U.K., how does that impact the privacy of your data?" Santos asked. "You're going to have to indicate when the data is shared and how it's used by a third-party provider in the cloud."

4. Legal Issues

Cloud users face worrisome legal issues arising from the new cloud business model. 

"You'll have to figure out how legal issues impact your choices going to the cloud," Santos said. "Dealing with break notification issues, for example, if your provider is in California and you are in Texas, you need to figure out how that provider is going to meet break notification requirements. You need to see how those issues are addressed. 

"Data privacy laws in the EU are different than in the U.S.," he added. 

5. Contract Lock-In

Cloud users are growing increasingly uncomfortable with long-term commitments in the cloud as changes occur so frequently. 

Businesses are wary that their cloud model may change while they are stuck with contracts. 

"The business models may change, so if you buy in for reason X and later they are no longer providing that service, what happens next?" Santos asked. 

6. Data Ownership And Custodian Responsibilities

Cloud users may enlist cloud providers that have third-party partners that provide services. But who owns and who is responsible for the users' data? These issues need to be addressed in SLAs. 

"People still need to understand the flow of their data through these complicated cloud services," Santos said. "Who is responsible for what? And if the data breaks, who is going to be responsible and who pays customers if there is a lawsuit?" Santos asked.

7. Longevity Of Suppliers

In a new, rapidly changing market, users worry that they will lose partners, suppliers and other business associates. 

"A lot of these cloud solutions are fairly new, so if users are looking at putting the crown jewels of information in the cloud, how can they determine if the solution's going to be around?" Santos asked. 

8. Integration Of Cloud With Internal Systems

"Businesses want to go to the cloud, but they have legacy systems," Santos said. "How do you integrate existing systems and processes to the cloud?" 

A good example is the health-care industry, with an abundance of critical systems and devices that need to be maintained on-premise, and therefore hold back cloud adoption, he said. 

9. Credibility Of Suppliers

"With a lot of new solutions, are they all trustworthy and do they have a track record?" Santos asked. "To find trusted suppliers in the space, focus on which ones have the credibility."

10. Testing And Assurance

Many of the concerns with the cloud listed by the survey respondents are being addressed by the Cloud Security Alliance, the ISACA, and many other organizations. 

"There are not a lot of standards and certifications out there now," Santos said. "But work is being done to try to address standards like HIPAA, SOX 1 [the Sarbanes-Oxley Act, which determines which corporate records are to be stored and for how long], and SOX 2. We are working so people can understand what is needed to ask their cloud provider."
Source www.crn.com

No comments: