198 Lotus blogs updated hourly. Who will post next? Home | Blogs | Search | About 
Latest 7 Posts
Ways to avoid Information Governance pitfalls
Wed, Oct 5th 2016 2
Ways to avoid Information Governance pitfalls
Wed, Oct 5th 2016 8
Finding PCI and PII Data with Discovery Attender
Wed, Sep 21st 2016 1
Finding PCI and PII Data with Discovery Attender
Wed, Sep 21st 2016 4
Bring Your Own Device & Data Security
Tue, Aug 30th 2016 2
Bring Your Own Device & Data Security
Tue, Aug 30th 2016 8
Understanding the General Data Protection Regulation
Wed, Aug 24th 2016 1
Top 10
Avoiding Mishaps in eDiscovery Collections
Tue, Jan 20th 2015 8
Coming Soon for Discovery Attender, Version 3.92
Thu, Nov 5th 2015 8
Bring Your Own Device & Data Security
Tue, Aug 30th 2016 8
Ways to avoid Information Governance pitfalls
Wed, Oct 5th 2016 8
Information governance certification: AIIM vs. ARMA
Mon, Jul 7th 2014 7
Off the topic: 10 must-do fall activities
Mon, Aug 24th 2015 7
How to Survive Data Discovery in the Digital age
Mon, May 9th 2016 7
Targeting Risks in IT – 5 Things to Consider
Mon, Jul 11th 2016 7
Policies for your organization’s IG strategy. Classification, we don’t need no stinking classification.
Mon, Aug 24th 2015 5
Top 10 Horror Movies for Halloween
Thu, Oct 29th 2015 5

Cloud Computing: Is the Risk Worth the Reward?
Twitter Google+ Facebook LinkedIn Addthis Email Gmail Flipboard Reddit Tumblr WhatsApp StumbleUpon Yammer Evernote Delicious
Marta Farensbach    

These days, marketers and media alike are focusing their attention on the “cloud” creating a lot of interest and buzz.  But what exactly is the “cloud”? This term is sometimes used as a metaphor for the Internet  as a whole.  In business, it really refers to the software platforms and infrastructure delivered as services via the Internet.  In some ways, almost every organization is operating in the cloud already.  Websites, social media, email, online meetings and video calls are all examples of cloud computing.

Typically, end-users access cloud applications via a browser or mobile device, while key information and back-end software are stored and processed on remote servers controlled by a third party.  To be more formal, we can use the definition from the EU Agency for Information Security (ENISA) which defines cloud computing as “an on-demand service model for IT provision, often based on virtualization and distributed computing technologies.”   They further break down the types of services.  SaaS has the most visible offerings which run the gamut from free applications targeted to consumers (think Hotmail, YouTube, Flickr, etc.) to vast systems targeting businesses of all sizes (Office 365, Salesforce, WebEx) and those who target both  (Google Docs, Skype).  But platform as a service or PaaS (Amazon Web Services, Azure, IBM SmartCloud) and hardware as a service or HaaS (Dropbox, OneDrive, Rackspace)  form the backbone for countless transparent transactions.


Before the explosion of the Internet into our day-to-day lives, computing systems were typically self-contained and deployed on-premises under the charge of an information technology department.  The personnel might have been outsourced, but most equipment was kept in-house. All aspects of communication, hardware, software and networking remained under internal control, including the buying, repairing, upgrading, patching and maintaining of systems and software.

However, the advent of the the web revolutionized the focus of computing by allowing realistic off-premises storage, connectivity – and most of all – content and application creation.  For the first time, computing power could be distributed across multiple servers in multiple locations.  This allowed economies of scale to be factored into expansive offerings.  The workforce became increasingly mobile as virtual private networks and telecommuting gained support.  Marching alongside these innovations were cloud services targeting consumers.  These enjoyed increasing popularity which, in turn, created a comfort level with new technology. Internet speed and capacity increased, and soon the reasons for holding onto the traditional model began to break down as users (and management) demanded the flexibility and choices offered by doing business in the cloud.

Benefits of cloud computing

The benefits of cloud computing are numerous.  It has been touted as especially helpful for small- and medium-sized businesses as it levels the playing field, allowing for the deployment of up-to-date technology and tapping into untold computing power without costly expenditures.  For many, working within a cloud-based framework allows for both flexibility and savings.  These systems allow information or resources to be accessed anywhere, at any time, by anyone who has the right credentials. In addition, cloud computing allows organizations to focus on their core competencies, rather than expending precious resources on IT infrastructure needs.  Vast, scalable computing resources are available near real time, with pay-as-you-go models.

Incorporating cloud services is designed to be flexible, easy and efficient.  It can be done piecemeal to avoid disruption or all at once to maximize efficacy.  Equipment maintenance, patches and much of the ‘up-time’ risk is taken over by the cloud vendor. Software is automatically updated and backups, redundancy and disaster preparedness is handled behind the scenes.  In fact, many providers are giving their cloud-based offerings priority over their on-premises solutions.  Cloud computing, in many ways, is the future.

The Risks

The “cloud” industry is expected to grow at more than 20% a year, five times faster than the IT industry as a whole.  Even though the offerings have matured, not everyone is convinced that cloud computing is the right choice: highly-published snafus like the recent Heartbleed security flaw throw a spotlight on the perils of increasing interconnectivity.  The clearest risks revolve around control, specifically around the security and privacy of data.  Many companies are simply not comfortable moving critical data assets outside their own organizations.  Even the most rigorously audited cloud vendors might not pass scrutiny in highly-regulated industries.

There are other challenges with moving data or operations to the cloud, including questions of data ownership.  One murky area is determining which company has the fiduciary and legal responsibility for the data: who is subject to subpoena, disclosure, claims or discovery – the host or the data creator?  Can the vendor be obliged to provide information to legal authorities without the client’s knowledge or consent?  Another contentious topic is the location of the back-end systems that run the cloud.  They can be located, literally, anywhere in the world. As different countries have very different privacy laws, this factor alone can be a showstopper to certain types of deployments.  Other issues include the challenges involved with the co-mingling of data and the difficulties with direct access to data sources for legal, security or HR teams.  Although most cloud providers have provisions for all these situations, their solutions may not be as flexible as on-premises systems.

Specific concerns affect some industries more than others.  Users who transfer large files or enormous amounts of data may be concerned about speed across the internet, while others may wonder what happens to records if a cloud-based provider doesn’t work out.  How data is extracted, in what timeframe, and in what format are all legitimate questions.

With all these areas of concern, it becomes clear that due diligence is needed when researching cloud-based solutions.  Some providers, such as Sherpa Software, address these issues by using a hybrid cloud approach where data never leaves the customer site.  However, to best answer the question of whether the convenience of cloud computing outweighs the challenges, research your options carefully.  Calculate specific scenarios based on your business’ total cost of ownership for each business function under consideration.  Read Service Level Agreements (SLAs) with care and make sure all questions are answered before committing to a decision.  Only this way can you confidently decide whether the risks are worth the rewards.

May 02, 2014
4 hits

Recent Blog Posts
Ways to avoid Information Governance pitfalls
Wed, Oct 5th 2016 2:25p   Jeff Tujetsch
Ways to avoid Information Governance pitfalls Information Governance (IG) -It sounds like it is a very extensive process because unfortunately, it is.  There are many components to IG, with the two major players being software and people. In this article, I will try to expose possible issues that you can hopefully avoid. For those of you that have had school-age kids, you can attest to the kids succeeding more when a routine is established and followed. So why am I talking about routine? Beca
Finding PCI and PII Data with Discovery Attender
Wed, Sep 21st 2016 1:21p   Marta Farensbach
Various privacy laws and other data security regulations detail how private, financial, and other confidential records should be handled. These rules cover the usage and storage of data, such as credit card numbers, social security numbers, social insurance information, and health care records. As described in a previous blog article, having this Personally Identifiable information (PII) or Payment Card Industry (PCI) data loose in your system can cause all kinds trouble, ranging from fi
Bring Your Own Device & Data Security
Tue, Aug 30th 2016 4:25p   Harvey Coblin
With the proliferation of portable electronic devices, increasing numbers of professionals are preferring to carry their own smart phones, laptops, tablets, etc. to use for work-related purposes. Rather than transporting duplicate devices to distinguish between professional vs. personal data, employees can work where and when they please and with hardware and applications they are already familiar with. It is estimated worldwide that one in three employees are utilizing personal devices at the
Understanding the General Data Protection Regulation
Wed, Aug 24th 2016 1:13p   Rick Wilson
If your organization has international operations in the European Union, you should be planning for GDPR compliance now! The General Data Protection Regulation (GDPR) is set to become the overriding data protection regulation with the EU. It was adopted by the European Parliament Council and Commission in 2015, took effect in 2016 and enforcement is scheduled to begin in May of 2018. At its core, the GDPR is intended to provide citizens of the EU with greater control over their personal data
Targeting Risks in IT – 5 Things to Consider
Mon, Jul 11th 2016 6:04p   Marta Farensbach
Today’s compliance, litigation, and regulation-heavy business environments introduce a number of challenges for busy IT professionals. Ignoring any of these areas, as well as failing to implement a strong Information Governance (IG) platform, can introduce substantial risk into your organization. In the worst cases, data breaches, adverse judgements, or non-compliance penalties could thrust a company into the glare of national headlines. Poor policy can affect more than just the finances of a
FOIA reforms are on the way, are you ready?
Wed, Jun 22nd 2016 2:06p   Rick Wilson
If you are employed by a federal government agency, then you are probably well aware of FOIA, or the Freedom of Information Act. FOIA was originally signed into law during the 1960’s by then President Lyndon B. Johnson to establish a process whereby citizens can request copies of governmental records that are not published in the Federal Registry. Agencies, in turn, are required to provide this information in a timely fashion (usually 20 days). Although FOIA is a federal mandate, it has also
Breach of Security: Measuring the Cost of Cyber Crime
Wed, Jun 8th 2016 2:10p   Harvey Coblin
Cybercrime is an increasing threat. Estimates vary widely, but according to a recent Reuters article, “Cyber crime costs (the) global economy $445 billion a year.” Other estimates place the costs as high as $1 trillion. The reason estimates vary is due in part to the fact that cybercrime can come in many forms, ranging from denial of service, theft of credit card or other financial information  (PCI/PII), industrial espionage, all the way up the ladder to state-sponsored terroris
How to Survive Data Discovery in the Digital Age
Wed, May 18th 2016 12:42p   Jeff Tujetsch
eDiscovery. That one word will make IT professionals start shaking. But, as the most technologically advanced civilization in the world, why is that? Is it because of what will be found? Is it because of what they are asked to search? Or is it because of the search terms they are asked to use? Well, the answer to each question is ‘Yes’. Data Discovery has grown into a multi-billion dollar world-wide business. Though the United States might lead the way because of our litigiousness,
Information Governance and the Internet of Things
Wed, May 11th 2016 2:28p   Marta Farensbach
Machines talking to machines.  Once the province of science fiction, the Internet of Things is set to transform industries as visionaries incorporate its wide reach into everyday objects. On a very simple level, the Internet of Things (IoT) describes the freeing of communication from the domain of computers and smart phones by allowing all types of devices to share information across the internet.  ‘Things’ like cars, fridges, health monitors, water meters and so much more can be empower
WHITE PAPER: Implementing Office 365: Inherent Features and the Need for Third Party Tools
Wed, May 4th 2016 12:59p   bhat67i
In this white paper, the topic of Office 365 and complementary solutions will be discussed; insights will be offered on a business’ future migration plans and knowing the options available. One will learn:  Why Office 365 is a compelling platform, Examples of productivity integrations, About the importance of information governance integration, Supplementing with third party software Click here to download this white paper! The post WHITE PAPER: Implementing Office 365: Inherent Fea

Created and Maintained by Yancy Lent - About - Planet Lotus Blog - Advertising - Mobile Edition