There are risks associated with Cloud Computing deployments and this should be considered when planning to use cloud computing as an engagement or business model.
- Risk can be reflected in security issues in relation to sensitive data and privacy, risk of losing independence and potentially losing control.
- Regulations. Will the company you are working with ensure that all regulations and laws are adhered to such as Data Protection and Compliance legislation.
- Security. Not only must the data be secure the systems provided must be secured against other losses that can be caused by hackers and viruses.
- Potential threat to security or access to confidential information. There are many examples where confidential data has gone ‘astray’ or been sold. Processes and procedures must be put in place to ensure that only certain personnel can access specific information, especially with payroll systems, HR and client records.
- Job losses. It may in certain circumstances lead to some people losing their jobs as a result of a third party company servicing the IT requirements. Clearly this will need to be considered from a legal and personnel perspective but this is not the purpose of engaging with cloud deployment models and as a result is rare.
- Potential loss of control. Naturally it can be easier to manage your own data, software as well as other services rather than relying upon a third party, but again, this can be resolved with good communication and regular update meetings.
- Failure to meet service levels or poor quality of service (QoS). This can be caused by changing needs, unclear objectives or through incompetence.
- The company that provides you with the services must be able to reasonably guarantee that they will be able to continue to provide a service in the event of a system failure. Most companies have tow systems running so that if one fails, another system automatically replaces it. (See: Understand Disaster Recovery)
Service Level Agreements & Quality of Service (QoS)
It is important to agree upon a Service Level Agreement (or SLA) in order to ensure that any commitments made by the service provider are met. The SLA provides a framework that both customer and services provider agree to. In broad terms, this may be that the Cloud Computing service provider must provide a response to an issue within a fixed time, problem management and resolution and performance measurement. The SLA is also a list of services and objectives that the IT services company agrees to deliver.
If the SLA conditions are not consistently met, this can lead to termination of the agreement and or penalties to be made. Theses penalties are more often than not, financial but act as a deterrent of delivery of poor service unless there are extenuating circumstances.
Services must be delivered against a contract to ensure that if the services delivered fall below a certain level, the penalties will be invoked. This ensures that a high level of service is delivered most of the time.
This SLA will ensure that a high Quality of Service (QoS) is achieved. This essentially means that what is agreed upon is actually delivered.