Valor IT Technology Blog

For years now the idea and implementation of cloud computing has been gaining momentum. Many business have been experimenting with different cloud applications, but for the most part company employees were not aware of the concepts of cloud computing. Their expectations of their work systems are often set by their interactions with their home computing environments. While some of your employees might be using some cloud style systems, most have not.

That is about to change. The introduction of Apple's iCloud will create a tipping point that will have a profound impact on consumer software and services. Soon employees will become used to having access to all their stuff everywhere and instantly. They are going to want the same access to their work environment.

Like it or not, where Apple goes, everyone else eventually follows. Apple has been a trend setter in the industry for years.  While most of their products are targeted at consumers over time these changes all make their way into business.  From the graphical user interphase on your computer to the new tablet or smartphone that you are holding have been influenced by Apple.

Apple has just introduced an attractive cloud system for a whole range of things consumers care about.  It is the comprehensiveness and elegance of the iCloud system that will unleash a tipping point.  Documents, photos, email, contacts, calendars--users will get used to moving fluidly between all of them on different devices.  And as soon as your employees become used to things acting this way, they’ll start actually expecting things to act this way. And when that happens, if your company does not offer these same experiences you might start loosing attractive candidates.

As a company if you have not started the conversation about how you are going to start transforming your legacy data system, it is time to start.  The consultants at Valor IT would be happy to sit down with you and conduct a baseline overview of your system and help you with this transition.

We often hear from clients that they are hesitant about moving their internal systems into the cloud because of security issues. The reasons range from availability of the systems to the information getting hacked as it transfer over public data lines. Securing critical business data is certainly an absolute must and ensuring constancy access to that data is just as important. Fortunately with the advances in Cloud computing not only has the technology eliminated the security issues; cloud computing will likely improve data availability to your company.

As you consider the move to a Cloud based system it is important to look for transparency with respect to vendor services, and avoid companies that fail to provide a comprehensive overview of security procedures. It is always a good idea to ask as many questions as you can concerning policy guidelines; security architecture such as encryption, firewalls and other technical features; and to what degree the vendor can verify that service and control processes are functioning correctly.  Things to look for are:

• Privileged user access. Sensitive data processed outside the enterprise brings with it an inherent level of risk, because outsourced services bypass the "physical, logical and personnel controls" IT shops exert over in-house programs. Get as much information as you can about the people who manage your data.

• Regulatory compliance. Customers are ultimately responsible for the security and integrity of their own data, even when it is held by a service provider. Traditional service providers are subjected to external audits and security certifications. Cloud computing providers who refuse to undergo this scrutiny are not worth the trouble.

• Data location. When you use the cloud, you probably won't know exactly where your data is hosted. In fact, you might not even know what country it will be stored in. Ask providers if they will commit to storing and processing data in specific jurisdictions, and whether or not they will contractually abide by it.

• Data segregation. Data in the cloud is typically in a shared environment alongside data from other customers. Encryption is effective but isn't a cure-all. The cloud provider should provide evidence that encryption schemes were designed and tested by experienced specialists.

• Recovery. Even if you don't know where your data is, a cloud provider should tell you what will happen to your data and service in case of a digital catastrophe. Ask your provider if it has the ability to do a complete restoration, and what sort of time-frame is involved in accomplishing this.

• Investigative support. Investigating inappropriate or illegal activity may be impossible in cloud computing. See to what degree the vendor will contractually support investigative activities.

• Long-term viability. Ideally, your cloud computing provider will never go broke or get acquired by a larger company. But it is up to you to ensure that your data will remain available even after such an event. Ask potential providers what sort of assurances they can commit to in such an event.

We often hear from clients that they are hesitant about moving their internal systems into the cloud because of security issues. The reasons range from availability of the systems to the information getting hacked as it transfer over public data lines. Securing critical business data is certainly an absolute must and ensuring constant access to that data is just as important. Fortunately with the advances in Cloud computing not only has the technology eliminated the security issues; cloud computing will likely improve data availability to your company.

As you consider the move to a Cloud based system it is important to look for transparency with respect to vendor services, and avoid companies that fail to provide a comprehensive overview of security procedures. It is always a good idea to ask as many questions as you can concerning policy guidelines; security architecture such as encryption, firewalls and other technical features; and to what degree the vendor can verify that service and control processes are functioning correctly.  Things to look for are:

• Privileged user access. Sensitive data processed outside the enterprise brings with it an inherent level of risk, because outsourced services bypass the "physical, logical and personnel controls" IT shops exert over in-house programs. Get as much information as you can about the people who manage your data.

• Regulatory compliance. Customers are ultimately responsible for the security and integrity of their own data, even when it is held by a service provider. Traditional service providers are subjected to external audits and security certifications. Cloud computing providers who refuse to undergo this scrutiny are not worth the trouble.

• Data location. When you use the cloud, you probably won't know exactly where your data is hosted. In fact, you might not even know what country it will be stored in. Ask providers if they will commit to storing and processing data in specific jurisdictions, and whether or not they will contractually abide by it.

• Data segregation. Data in the cloud is typically in a shared environment alongside data from other customers. Encryption is effective but isn't a cure-all. The cloud provider should provide evidence that encryption schemes were designed and tested by experienced specialists.

• Recovery. Even if you don't know where your data is, a cloud provider should tell you what will happen to your data and service in case of a digital catastrophe. Ask your provider if it has the ability to do a complete restoration, and what sort of time-frame is involved in accomplishing this.

• Investigative support. Investigating inappropriate or illegal activity may be impossible in cloud computing. See to what degree the vendor will contractually support investigative activities.

• Long-term viability. Ideally, your cloud computing provider will never go broke or get acquired by a larger company. But it is up to you to ensure that your data will remain available even after such an event. Ask potential providers what sort of assurances they can commit to in such an event.