Don’t get me wrong, I use and rely on cloud technologies everyday. But I’m also not one to execute a cloud strategy blindly. My IT cool factor never much worries me if by following the cloud crowd due diligence must be discounted as “fuddy-duddy” or “unadventurous”.
The more considered among us have to think of how these uncontrolled, third-party solutions expose a firm to service-level and security risks. In the first category, the risk of an outage at a pivotal point in a deal negotiation leaves the entire organization helpless to answer based on archived or shared documents. Think of the time limit that might be placed on seemingly acceptable terms during a contract negotiation. Let’s say a negotiator recalls information that will sell the counter-party’s offer to his own team but then cannot gain access to that resource. Without a backup cloud or local backup solution, the team may find itself unable to accept or continue negotiating. The repercussions could be disastrous if the counter-party refuses to wait or accommodate the team.
Firms relying on the security protocols of public cloud solutions or remote private clouds accept the same risk threshold of the service provider and then some. Should data records be subpoenaed by governing authorities, the third-party service supplier will interpret its lawful responsibilities according to its own legal department. It’s highly unlikely that the client firm’s legal team will be involved in any of the negotiations or arrangements.