Symantec, in its 2013 State of the Cloud Survey, surveyed more than 3 000 organisations across 29 countries and found certain problems coming up again and again. “The benefits of the cloud are tremendous,” says Tom Powledge, the vice president of products and services for Symantec’s cloud and small-business group, “but you have to take precautions to protect yourself.”
Before moving key business functions to the cloud, the first step is to decide which areas of your business you want to entrust to a cloud service. Email management is the most common, with entrepreneurs ditching Microsoft Outlook and similar programs for web-hosted services such as Gmail. Once you’ve figured out what you want to move to the cloud, it’s time to start researching compliance issues and determining how to manage the flow of data.
Below are what Powledge considers the top three hidden costs and advice on how to avoid them.
1. “Rogue” clouds
One of the most common dangers of using cloud services for your business is that of rogue implementations. This ominous phrase refers to employees setting up private accounts with Dropbox, Box.net or other cloud storage services and moving confidential company files to their private accounts.
Why is this a big deal? Hacking is one concern. Some cloud services have experienced security issues. And if the storage app is loaded onto an employee’s mobile device, the loss of that device could put your company’s confidential information into unknown hands.
Fully 70% of the businesses Symantec surveyed saw problems resulting from rogue implementations in the past 12 months. So how can you prevent them? First, says Powledge, “educate employees as to what services can be used, what services can’t be used, and how company info should be treated.”
Institute a company policy that all employees must password-protect their mobile devices and that they need to check with the IT department before signing up for a cloud service.
There’s also a technology-based solution: Your company’s IT administrator can put the cloud-service app on an employee’s computer or mobile device, creating settings that determine how the employee can use the service.
2. Compliance snafus
Some organisations, such as a hospitals and private medical practices, must adhere to data-privacy regulations. Others, especially small businesses in Europe and companies in the U.S. that work with government entities, may be subject to data-sovereignty laws. These laws state that a certain batch of data has to reside in a particular country.
A lot of small businesses are dangerously ignorant of data-sovereignty laws, says Powledge, and risk being out of compliance. First, find out what data regulations you’re subject to. Then make sure the cloud-service provider you use is in compliance with those regulations and can prove that its service will not put you on the wrong side of the law.
3. Inefficient storage
Cloud-based solutions for backing up your data often charge by the gigabyte. So what happens when all your employees back up their hard drives, each of which contains a lot of the same data as all the others? Your bank account will feel it.
“If you’re paying by the gigabyte and you’re backing up multiple copies of the same data, you’re going to run out of storage pretty fast,” Powledge says. Research online backup services before you sign up, and use one that offers data de-duplication, such as Carbonite, Mozy or Symantec. If you don’t, you risk paying a lot more in the long run.