This post is the ninth, and final, post in a series addressing concerns organizations may have that prevent them from moving the cloud-based solutions.
Good News; Bad News.
The Good News: Organizations can choose from a rapidly growing myriad of cloud computing services and solutions.
The Bad News: Organizations can choose from a rapidly growing myriad of cloud computing services and solutions.
When looking to move into the cloud, organizations have an abundant set of choices and options that offer similar functions and services. Even more challenging, many cloud solutions offer features that overlap, creating redundancy at the intersection (i.e., the Google Drive component of Google Apps versus Dropbox).
For many organizations, the marketplace is confusing and full of claims that may be hard to verify. Too often, the decision falls to price, not business value, and organizations end up getting what they pay for.
Start at the Beginning
Organizations looking to move into the cloud should start at the beginning step of any successful IT project — business requirements. What are the business reasons for moving into the cloud? These could be a simple as “keep the same functionality as in-house systems, but at a lower cost” or as sophisticated as “expand into international markets”.
The business requirements drive the technical requirements. The technical requirements guide the selection of the solution. Evaluate how well the solution meets your technical requirements and how well it supports your business requirements first. Include relevant issues of customization, management, and support. Then, look at the cost.
Vet the Vendor
While the concept of cloud computing dates back to mainframe time-sharing services in the 1970s and 1980s, today’s marketplace is new. Every cloud vendor is new to the market as their services are relatively (no more than 5 years old) new. Do not assume “name brand” companies are best. Microsoft, for example, is a well-established mature business. And yet, they have proven they are very capable of failing when it comes to providing a reliable cloud computing service.
Look at prospective vendors for their track record (as limited as it may be) with respect to performance, availability, reliability, support, innovation, and customer service. Talk with customers and see out organizations that have dropped the service.
Understand where the vendor is financially. Are they profitable? Are they running on venture funds, and will they be sustainable before the funds run out? Is the vendor’s financial position improving as their sales grow?
Use a Trusted Partner
Find a partner that knows cloud computing and can help you find your way through the myriad of options. Work with cloud solution providers that do not push you only to what they currently sell. Better CSPs will direct you to other resources and will either contract with them on your behalf or hand off the relationship.
If your current IT firm or your internal IT team cannot navigate the cloud computing territory, look for a partner that will work with, and will help educate, your current IT staff and/or team. As with your cloud solutions selection, choosing a cloud solutions provider is about business value.
A good CSP can help you find, vet, select, and implement the right solution.
Posted in General | Tagged choices, Cloud Computing, Cloud Solutions, Google Apps | Leave a comment
June 6, 2013
This post is the eighth in a series addressing concerns organizations may have that prevent them from moving the cloud-based solutions.
Cloud computing is global and a growing number of cloud solution providers are global as well. Data stored in the cloud can end up in data centers in other countries and jurisdictions with differing laws and level of privacy protection. In addition, organizations may be subject to laws or regulations that restrict data from being stored across national boundaries or in other jurisdictions.
Some risk exists in national or local laws related to data privacy and ownership.
Learn Before You Leap
Before signing on with a cloud provider, ask the questions about where data is stored and how the provider is protecting your data from foreign governments and other interests. Review all contracts, agreements, and vendor policy statements to ensure they are consistent with the message you hear from the sales team.
Look for adherence to privacy standards based on international treaties, such as Safe Harbor and EU Safe Harbor. While these programs cannot eliminate all risk, they do set reliable standards and ensure the vendor has a process for managing any issues that arise.
Explore options with your vendor. Many cloud vendors allow customers to select specific data centers in which their systems will run and/or data resides.
Seek out some knowledge about the privacy laws and regulations in the countries in which your data may reside (many Canadian firms, for example, see the US Patriot Act as a risk when data resides in the US).
With a small amount of due diligence, organizations can judge the vendor’s competency in managing data privacy and ownership across boundaries, and can ensure the cloud solution meets the organization’s needs above all.
Next Post in the Series: Coming Monday June 10th
Previous Post in the Series: Regulatory CompliancePosted in General | Tagged Cloud Computing, Cloud Solutions, Internationalization, Ownership, privacy, security | 1 Comment
June 4, 2013
This post is the seventh in a series addressing concerns organizations may have that prevent them from moving the cloud-based solutions.
Moving to the cloud often entails more than switching to an email service or spinning up a some cloud-based storage and servers. For many businesses — including Small and Mid-Size Businesses (SMBs) — regulatory requirements place demands on IT systems and security. And, while these requirements impact in-house and cloud solutions, moving to the cloud requires planning.
The most common regulations for SMBs relate to consumer (customer) privacy: HIPAA, which protects personal health information, and PCI, which protects personal and credit related information. Many SMBs, however, must also meet the requirements of Sarbanes/Oxley, FINRA, SEC, and various state regulations.
The solution: Integrating Solutions.
Fortunately, the tools and systems exist to provide compliance with data security and privacy regulations. Cloud vendors are creating environments and the management controls necessary for customer regulatory compliance and certification.
The challenge is to make sure that all of the pieces work together.
These types of solutions, and others, provide cloud environments with the capabilities to meet regulatory requirements. Vendor contracts and policies should still be carefully reviewed for any terms and conditions that threaten compliance.
And remember, no vendor can ensure compliance. Compliance exists when the technology meets the technical standards and is used in accordance with policies and procedures that meet the regulatory intent.
Next Post in the Series: Internationalization
Previous Post in the Series: Integration with Legacy SystemsPosted in General | Tagged Cloud Computing, Cloud Solutions, HIPAA, PCI, Regulatory Compliance, Sarbanes/Oxley | 2 Comments
May 28, 2013
This post is the sixth in a series addressing concerns organizations may have that prevent them from moving the cloud-based solutions.
Very few businesses go “all-in” when moving into the cloud. Most businesses start their move into the cloud with specific applications and services. For small and mid-size businesses, the trend is to go cloud with critical core services, such as email and calendaring, and/or applications, such as CRM. Over time, businesses add additional applications and services, such as file services, and hosting of legacy applications and servers.
The result: Most businesses have a hybrid environment of on-premise and cloud solutions.
For many businesses, this creates a new need to integrate existing systems with new cloud-based applications and services.
While this may seem overwhelming, the scope of the integration depends, in large part, how well your in-house systems integrate today. For most small and mid-size businesses (SMBs), legacy application integration focuses on a few key features:
When looking at cloud solutions, take a moment to research your current environment and needs:
With a short assessment, organizations can determine if, when, and how to best integrate new, cloud-based solutions with legacy applications and systems. As with any IT project, the focus should be on resulting business value.
Next Post in the Series: Regulatory Compliance
Previous Post in the Series: Lock-InPosted in General | Tagged Cloud Computing, Integration, Legacy Applications, Migrating, Planning | 1 Comment
May 24, 2013
As Google prepares to replace Google Talk with Google+ Hangouts, customers expect to benefit from the improved audio/video quality and features that Hangouts offer over Talk.
There are very good reasons why Google+ Hangouts are OFF by default in Google Apps for Business (Gov and Edu, too). Before you turn on Google+ Hangouts, understand the current ramifications.
Google advises enterprise environments to continue using Google Talk for instant messaging, voice, and video conferencing.
Cumulus Global shares this recommendation, as the implications of adding Google+ Hangouts is not fully understood. Organizations interested in a test domain may contact us for assistance.
Posted in General | Tagged Google, Google Apps, Google Apps for Business, Google Apps Vault, Google+ Hangouts, Hangouts, Vault | Leave a comment
May 23, 2013
This post is the fifth in a series addressing concerns organizations may have that prevent them from moving the cloud-based solutions.
When looking at cloud solutions, most organizations spend a great deal of time, appropriately so, investigating how they will move data and processes into the cloud. At the same time, organizations should understand how they will get data out of the cloud should they decide to switch solutions in the future.
While this seems like a new issue or concern, the reality remains that organizations switch systems and data migration and integration issues exist — cloud or not. The same analysis and decision making process that organizations follow for in-house systems should be followed for cloud solutions.
Platform as a Service (PaaS) solutions provide environments that, in general, enable data and application movement. Moving to a Windows Server image in the cloud is not much different from moving to an in-house Windows server. Key considerations focus on the amount of data and the time/efficiency of moving the data on or off the cloud server.
Software as a Service (SaaS) solutions can prove more challenging. Migrating to or from a cloud-based application provides the same challenges as migrating data to a new in-house application. Record matching, data scrubbing, and data translation are all issues to be considered. In addition to the strength of the import utilities, understand the strength and cost of the export utilities. Some SaaS applications only provide comprehensive export capabilities at their most expensive licensing options.
Fear of “Lock-In” should not prevent organizations from moving into cloud solutions. Rather, a small amount of due diligence will ensure that the “how” and “how much” of a future migration is understood.
Next Post in the Series: Integration with Legacy Systems
Previous Post in the Series: PrivacyPosted in General | Tagged Applications, Cloud Computing, Data, Lock-In, migration, Paas, SaaS | 1 Comment
May 20, 2013
This post is the fourth in a series addressing concerns organizations may have that prevent them from moving the cloud-based solutions.
Few topics related to cloud computing create more passion than privacy. Knowing how well your organization’s information will be safe-guarded is key to trusting a service provider and the decision to go to the cloud in the first place.
Privacy, while closely related to security, differs in that security addresses access and protection of information, privacy addresses who can access data and how it may be used.
When considering privacy, organizations should start with three documents from the service provider:
When looking to choose a cloud solutions provider, look at all three documents. Verify that they are comprehensive and clear. Understand how they address any particular regulatory requirements for your organization. Validate that they are consistent — that no conflicts or gaps exist that could lead to confusion or misunderstandings down the road.
Make sure the review of privacy policies and looks at the specific customer agreements and policies. Many cloud providers offer “free” or “consumer” services with different terms and conditions than their paid (or free) solutions for business, government, education, and non-profits. Many organizations spin their wheels and raise unwarranted concerns by not focusing on the specific, applicable agreements, and policies.
Finally, review the privacy performance of the service provider. If they have had any sort of breach, or a privacy dispute, understand the nature, scope, and response. Understand if the breach was provider-related or due to the actions or inaction of the customer. Assess the appropriateness of the provider’s response given the nature of the issue.
Again, due diligence is key. A small amount of research, a few questions, and an accurate understanding of how a service provider plans and manages privacy will help organizations determine if the provider meets the organization’s privacy needs and priorities.
Next Post in the Series: Lock-In
May 16, 2013
This post is the third in a series addressing concerns organizations may have that prevent them from moving the cloud-based solutions.
One of the challenges in planning a move to the cloud remains the relative youth of the current industry. While the concept of cloud computing is not new (tip your hat to Control Data in the 1980′s and their mainframe time-sharing service), most cloud computing services are relatively new. Even services from long-standing, reliable vendors — like IBM and Dell — are relatively new ventures for these firms and have yet to be proven in a long-term market.
Organizations looking at any cloud service, be it SaaS, PaaS, or IaaS, must consider the reliability of the provider. In doing so, it is the customer that must also understand the benchmarks being used by vendors when reporting their statistics. Considerations include:
With a modicum of due diligence, organizations can assess the reliability of cloud solution providers before making a commitment. Reputable vendors will openly share their data and will not hesitate to discuss failures and how similar events will be prevented going forward. And while, this type of discussion feels new, it is the same process CIOs and IT decision makers have been using for decades as they evaluate new technologies and vendors. The players are new, but the process remains the same.
Next Post in the Series: Privacy
Previous Post in the Series: Moving to the Cloud: Cost Savings
Posted in General | Tagged Availability, Cloud Computing, due-diligence, Performance, Reliability, Stability | 1 Comment
May 14, 2013
This post is the second in a series addressing concerns organizations may have that prevent them from moving the cloud-based solutions.
Will moving to the cloud save money?
The answer is a definite, absolute … maybe!
Whether or not a move to the cloud saves money depends on the in-house services being replaced and the cloud-based services taking their place, as well as the impact the change will have on related IT services and your business.
In our experience, most companies see savings over 3-year and 5-year periods of 30% or more. Some companies see total cost of ownership (TCO) savings of up to 70%
When looking at 5-year TCO, organizations must make honest projections on IT spending to maintain the status quo and/or upgrading systems. Beyond projected hardware and software replacements and upgrades, the analysis should include the cost of services and supporting systems (backup, anti-virus, security, etc.). The analysis should also assess soft costs for administration, support, and estimated down time.
The challenge remains making the comparison equivalent. For example, moving from a single in-house Exchange server to Google Apps for Business is a move from a system with several single points of failure to a highly redundant and highly available service. If improving availability is an objective of the move to the cloud, the comparison should include the cost of upgrading the Exchange environment for redundancy.
A final consideration should include any business enablement that comes from the move into the cloud. Will the cloud service enable the business to operate more efficiently and/or in new, more productive ways? Improved collaboration, real-time communications, and access to information are all examples of how Google Apps for Business enables businesses over traditional email services.
In straight dollars and cents, not every company will see savings when moving to cloud-based solutions. With better availability and expanded capabilities, cloud computing solutions can deliver better value, even when the price tag is higher.
Next Post in the Series: Provider Reliability
Previous Post in the Series: Moving to the Cloud: Security
Posted in General | Tagged Business value, Cloud, Cloud Computing, Collaboration, Communications, cost savings, Google Apps for Business, MS Exchange., Value | 2 Comments
May 10, 2013
This post is the first in a series addressing concerns organizations may have that prevent them from moving the cloud-based solutions.
At some point in the evaluation and decision process, the issue of security comes to the forefront as organizations look at cloud computing. Vendors and resellers, like Cumulus Global, often provide two answers — both of which are correct:
As a first step, organizations moving to the cloud should review the security capabilities of their solution provider. Beyond the technology, look for certifications such as SSAE-16 Type I and II, ISO 27001, and FISMA. Make sure that the provider’s security practices are reflected in their terms of service, contracts, and service level agreements. Finally, verify if and how you can add security capabilities to meet business or industry requirements.
With a reasonable level of due diligence and planning, cloud solutions can overcome any security concerns.
Next Post in the Series: Moving to the Cloud: Cost SavingsPosted in General | Tagged Cloud Computing, cloud security, objections, security | 1 Comment
← Older posts