By now, the debate over whether or not the cloud has a place in enterprise is dead. A cloud infrastructure offers improved scalability, lessens the burden on your IT department, and saves you time and money. By removing the need to build out your own data center or construct in-house applications, the cloud allows you to focus on developing your product or service, rather than spending all your money on the back end.
And it looks like the enterprise agrees. According to a recent survey, 75 percent of businesses have increased their 2015 budgets to adopt more security-minded applications. By 2016, EMC expects that 96 percent of enterprise applications will be run in a private cloud.
Clearly the question is no longer “Should you use the cloud?” but “How do you implement it?” Better yet, ask yourself these three simple questions: Who, what, and where?
The ‘Who’
Regardless of whether you go private or public, it’s vital to perform due diligence on the vendor you’re planning to entrust your data with. The question of whether or not the cloud is truly secure often pops up when it comes to enterprise, but that question is pretty vague and unhelpful. You should really ask, “Is this particular cloud solution secure?”
Both the vendors and the data center you use should be fully audited and accredited to meet your security standards and, if required, the standards of the regulatory body you answer to. For instance, the ISO 27001 certification is vital for any vendor you’re entrusting with sensitive data.
And security is only one part of the equation. What sort of reputation does the cloud provider have when it comes to uptime? Uptime guarantees should be in service-level agreements, and vendors should be insured against it. This way, you’ll be compensated for any unforeseen downtime.
At first, you may experience that uncomfortable feeling of knowing that sensitive data is in the hands of a remote third party. But discovering more about the third party and what it will do for you can go a long way toward ensuring better security and a greater peace of mind.
The ‘What’
Knowing what type of data you’re storing can change how you store it. Public solutions, like those offered by Amazon or Rackspace, are usually cheaper and more accessible, but you won’t have a private server database or application. Instead, the database is shared with everyone else paying for the service. The separation between each company’s data is a matter of software, not physical components.
As a result, the public cloud can’t offer you the same amount of security as a private cloud, and it won’t meet the standards of regulatory bodies. Other security features to consider when choosing a provider include: disaster recovery, data backup, and a fully redundant infrastructure to guarantee uptime. Also, decide on single- or multi-tenant hosting, and consider whether the provider performs independent penetration tests on its platform for added security.
The private cloud is generally more expensive. However, because it’s single-tenant rather than multi-tenant, it can reach security standards that a public cloud simply can’t. For most enterprise customers, the private cloud is the way to go, especially if you plan to store highly confidential information. However, hybrid storage models that combine the cloud with on-premise hosting might be preferred in some situations.
When you’re deciding among private, public, or hybrid cloud options, you need to consider the needs of your business and the type of data that you’ll be storing. Research vendors, hosting types, security, and sovereignty to cover all your bases.
The ‘Where’
This is perhaps the most overlooked question when it comes to cloud computing, but it’s vital for the enterprise. Knowing where your data is stored can have serious ramifications in terms of who can access it and what regulations need to be followed. Ideally, cloud vendors should offer hosting in a range of jurisdictions from which you can choose, and they should be able to talk you through the laws surrounding each option.
Data sovereignty is a hot issue right now. It makes no difference whether a U.S. company keeps its data in the country or abroad. The Patriot Act allows the U.S. government to access digital data no matter where it’s stored. These laws also apply to data hosted in the U.S. by non-U.S. providers.
Whether you like it or not, the cloud is going to be a major player in enterprise; it offers significant advantages over hosting everything internally. Stop wasting your time debating the vagaries of whether the cloud is the right move forward, and start figuring out the right way to move forward with the cloud.