The New Cloud IT Ecosystem: Hidden Complexity and Risk Assuaged by Due Diligence

  • 1

Cloud IT risk has unique characteristics owing to the increased interconnectivityThe new cloud IT ecosystem has brought us heretofore unimagined capability and capacity for even the smallest of companies – newfound abilities to compete, build brand recognition and reach new market penetration. There are also new risks that must be circumnavigated …

The old mantra for businesses, “location, location, location”, has given way to connectivity– which now translates to new opportunity.  As technology rapidly evolves, businesses and consumers increasingly connect irrespective of place and time.cloud summit explains cloud IT risks of a paperless office

The New Cloud IT Ecosystem

Where businesses once easily identified their respective vendors and service providers, the identification of providers within the new service ‘delivery chain’ are no longer so easily recognized.   Among the benefits of the new cloud IT ecosystem is the ability to reach beyond historical boundaries.

Thus the risk for many businesses today lay in not fully understanding with whom, and in how,  the traditional technological borders are being dissolved.

For many an enterprise, the ease and efficiency introduced within the cloud IT models foreshadow certain increased potential for risk. Service level agreements and vendor contracts are presumed to be adequate to protect the business and its data assets, yet recent newsworthy events should cause businesses to examine their entire provider network.  It’s not that the average business need be overly concerned about government snooping …

“But they should be aware of who has access to their systems and data, and which entities are responsible for which parts of the system.  It’s only prudent to know the details, and it is the best first step to mitigate business risk,” blogs cloud technologist Joanie Mann at Cooper-Mann Consulting.

“Enterprise Clouds are complex, sophisticated entities which invariably rely on a daisy-chain of third parties and contractors to help build, run and maintain their Cloud provider’s systems. The organizational and technical complexities are additive, resulting in increased systemic risk. Systemic risk is the least visible and hardest to eliminate, and those risks become real when the providers’ systemic risks become yours.”

The bottom-line consideration is, how adequately does your Cloud IT provider manage the ecosphere of vendors and contractors that are farther down the delivery chain?

“This is increasingly relevant in the emerging globalized workforce, where, paradoxically, Cloud and related technologies have greatly facilitated the outsourcing and offshoring of work to low-cost countries,” states Mann

Prior to consummating a service agreement with any outsourced cloud IT provider, confirm that the details of facility, connectivity, network, equipment, and other elements of the delivery and system are clearly spelled out.  Business subscribers should know where the various points of potential failure exist, and which company is responsible for dealing with each. 

If a carrier fails and connectivity to the data center is lost, the cloud IT provider may be powerless to impact the situation, even though access to service is part of the SLA and requirement.  If a hosted software product shows a vulnerability or fails to perform, the developer of the product is likely responsible, rather than a cloud IT or hosting service provider.  The point underscored is that often there are multiple service and technology providers within the delivery chain, and customers should be aware of this before engaging the service.

Ultimately, business customers with mission critical data in the possession of a third-party service provider must maintain a healthy measure of doubt as to whether the provider has full control over their environment.  Business owners, managers and CFOs must rightly grok the elevated necessity of risk evaluation within their provider systems and in provider/vendor relationships, to keep trade secrets confidential and prevent erosion of intellectual property.

————
cloud summit explains cloud IT risk and  the benefits of managed cloud providersAre you ready to explore your cloud IT risk considerations with one of North America’s most respected managed cloud providers? Remember us: Schedule a demo or a 7-day trial and discover first hand why Cloud9 Real Time is the #1 choice of cloud computing providers among more accountants, CFOs, entrepreneurs, small business owners, and CPAs. Or come to Cloud Summit 2014 in San Diego September 17-19 and find out what all the hubbub is about!

AUTHOR

Sarah Gardiner

All stories by: Sarah Gardiner