Last week I was reading the three little pigs with my two year old daughter, for what seemed like the thousandth time. While reciting the story it occurred to me that while many businesses have moved away from viewing technology as something that was a necessity thrust upon them, to it being a commodity that is central to driving efficiency and compliance through the organisation. They are still building their technology stacks out of straw.
Yes, it is strange what the mind ponders on!
With 30% of organisations reporting being victims of fraud, the big bad wolf certainly has sharper teeth than ever. Data fraud is a multi billion pound international organised crime industry. To add to the problems firms face, the FCA is not afraid to dish out severe penalties for data loss and poor procedures. With this in mind, how much risk are you willing to accept within your organisation?
While most organisations have implemented firewalls and intrusion-detection systems this is simply paying lip service to what is required. Data and information security is now a huge multi million pound industry and staying in line with latest industry standards such as ISO 27001 takes extensive cost and effort which for many firms is just not a tenable option.
For these reasons many firms are now choosing to move their data, especially their Client Management Systems, to the cloud.
When considering the cloud there are a number of factors that need to be taken into account. A lot of the coverage runs through data and information security, and finding organisations that have certification such as ISO 27001 is good due diligence. However, some of the other areas an organisation looking to move to the cloud will want to think about:
- Interoperability of cloud solutions. For example if your client management system (CMS) is hosted by one provider and your email by another, will any integration points between the two systems still work as expected?
- Disaster Recovery (DR) — if you are running multiple cloud solutions is your DR aligned? Which applications are business critical?
- You are only are strong as your weakest link — where you have multiple cloud suppliers what is the impact of any one of them not being operational?
- Data backups — how often will you cloud supplier back up your data? Is this taken off site? If so, is the data encrypted?
- Financial Strength of the provider — how stable is the cloud provider? Note that you are now placing your business in the hands of a third party — are they going to be there in the years to come?
- If the worst should happen what is your contractual position on getting your data back should the organisation become insolvent or you wish to move to another supplier?
- What level of classification is the data centre where your applications will be hosted (Tier 1, 2, 3 or 4). Note tier 4 is typically military grade, at SSP we have Tier 3 facilities.
Moving to a cloud based platform can provide huge benefits when delivered with the right partner. At SSP we offer a platform as a service proposition where organisations can choose what they would like us to host — the CMS system, Microsoft Office, Microsoft Outlook, document management solutions and any other third party applications. They can then select their communication method whether that is the internet or a leased line, and also select their service level agreements (SLA) and DR — from standard 48hr to instant fall over.
Effectively IT becomes a utility, no different to your gas and electricity, and can free organisations up from none core activities — such as running an IT department. I appreciate that the cloud will not be right for every organisation, but for those that do want to move to the cloud they should build with bricks, implementing an organisation wide strategic plan where data security is a central pillar — not via a process of isolated needs.
About the AuthorFollow on Twitter Follow on Linkedin Visit Website More content by SSP Limited