Tag Archives: cloud

5 Considerations Before Moving to the Cloud

Send to Kindle

According to a Gartner report, the worldwide public cloud markets will top $131 billion by the end of 2013, an 18.5% increase from 2012. However, before your organization can join this cloud revolution, there are many considerations to discuss with your team. In today’s post we highlight five of the key points your business needs to consider before moving to the cloud.

Top 5 Cloud Considerations

1. Data Security

Research from OnlineTech states that 74% of cloud consumers believe their cloud provider is responsible for protecting their data. However, in the same report 63% of respondents admitted to not knowing what their providers were doing to protect their data. These conflicting stats illustrate that many of the organizations moving to the cloud do not have a clear grasp of the security considerations that come with a cloud migration.

By moving your data to the cloud you won’t necessarily be opening it up to new security threats. However, as more people have access to your data, the risks of data loss or tampering increase.  Be sure to consider how your data will be stored regardless of the system you are considering. Is the data encrypted? Make sure that only your team will have ready access to your data prior to making the move.

Takeaway: Ask your potential cloud provider how your data will be stored, is it encrypted and what is the process for retrieving data should there be a data loss?

2. Cost

One of the main benefits of moving to the cloud is the potential of reduced IT costs. While it’s true that costs can be lowered, don’t go into your migration assuming that will be the case. You have to take into account the costs of switching to a new system – something to plan for ahead of time. Speak to different vendors and ask them about their pricing, specifically:

  • Are there any hidden costs my organization should know about?
  • Will the architecture of the cloud cause me any additional costs in the future?
  • Often there can be a data migration cost to. Is this is included in the stated price quote?
  • Support time: Does 24/7 support come with the package or is that an added cost you need to plan for?

Takeaway: Dig into the potential for hidden costs associated with a move to the cloud and ensure all details are listed in your contract or SLA.

3. Uptime & Service Level Agreement (SLA)

A Service Level Agreement is part of your contract and formally details the services you are signing up for. You can think of it as the fine print on any contract. And like a contract, you should be sure to consider every detail of the SLA for each cloud provider.  Review the SLA with your team. Here are the basic areas that should be clearly stated:

  • Responsibilities of the provider and the consumer in the agreement.

  • A set of services with details about such things as guaranteed up time.

  • Metrics so you can identify if the cloud service provider is providing service that matches the agreed to SLA.

One key area to focus in on is the stated uptime of the provider. This is the stated amount of time that your data will be available to you. If your business plans to move mission critical data and systems to the cloud where you could not operate with a 5 minute outage, an SLA of 99.99% might sound perfect. However, 99.99% measured monthly has a very different effect than if it was 99.99% uptime measured over a 12 month period.

Takeaway: If your cloud provider’s SLA does not meet your requirements, you need to ask them to make edits or find a provider who is in line with the requirements of your business and your industry.

4. Which Apps & How to Decide?

Deciding which apps to move or not move to the cloud comes down to careful planning with your team, well before you speak to a salesperson. We suggest auditing all potential apps that you could move to the cloud. Are there any that have significant interaction with third party apps or services? These are good apps to consider moving because they may already be interacting with other services hosted within the cloud, making the transition smoother. Additionally, if you have an app that is not a clear differentiator between you and your competitor, you could consider moving it. Since it’s not critical to the business, any downtime would not be catastrophic.

Takeaway: Deciding on which data or apps to move to the cloud depends on your business needs. Consider moving apps that do not have a mission critical effect on your business, should they go down in the early days of the migration.

5. Compliance

Chances are you are already well aware of the compliance standards that govern your industry. Part of your due diligence when considering the cloud will be to research the compliance guidelines that need to be met on your company’s behalf. Some of the most common compliance requirements we see include: HIPAA, GAAP, SOX and PPI.

Takeaway: Know the compliance requirements of your industry and ask any potential cloud provider to confirm their services meet those requirements.

What other considerations should organizations consider before moving their data to the cloud? We would love to hear about the points you and your team have taken into consideration in the comments section below.

Google Apps vs. Office 365: An Objective Perspective

Send to Kindle

Google Apps vs. Office 365Earlier this month, BetterCloud wrote an article about how Google will win the Enterprise game when it comes to Google Apps vs. Microsoft Office 365. Four reasons were cited declaring Google Apps the winner:

  1. A generational shift wherein students coming out of university are already using Gmail and other Google products in their personal lives. Thus, Google Apps will be the preferred system in the corporate setting when this cohort assumes management control.
  2. Microsoft’s long-standing involvement with on-premise solutions and channel partners who push on-premise solutions, which will slow the necessary shift in Redmond’s core business operations to the cloud.
  3. Microsoft’s preference for complicated pricing scares off buyers, whereas Google has a much simpler pricing plan.
  4. Google’s competitive advantage with regards to timing as they came to the market just as web apps were coming out, while Microsoft is dealing with 20+ years of providing on-premise software.

While all of these points, particularly the third point on pricing, are interesting, we think the situation is a bit more complex. In fact, we at Backupify wrote a whitepaper about this particular topic: “Office 365 vs. Google Apps: Which is right for your business?”.

What it boils down to is that there are different situations in which either solution might be better for a company moving to the cloud, and each solution is superior on different features. Here is a summary on our conclusions found in the whitepaper:

Google Apps wins on:

  • Price
  • Online collaboration & file storage
  • User interface & ease of use

Office 365 wins on:

  • Instant messaging, web conferencing, voice chat & voice features
  • Intranet integration
  • Active directory integration
  • Offline support

Google Apps and Office 365 Tie:

  • Email & email archiving
  • Mobile device support
  • System setup & administration

Aside from these feature differentiators, we see the major difference in terms of business process improvement (BPI) vs. business process engineering (BPE). Instead of declaring a definite winner in all cases, we think different companies can appreciate one solution over the other depending on their preferences, reasons for adoption, and business needs.

BPI has to do with tweaking existing business practices to make them more efficient, while BPE involves dissecting a business’ existing workflows and redesigning them from the ground up. We consider Google Apps more of a BPI solution that replaces a current system with a cheaper one, and Office 365 more of a BPE solution that brings new processes to a company.

So as a company considering the cloud, ask yourself: Are you happy with your existing practices but want to transfer them online in order to save money? Or, are you unhappy with your current practices and want a new solution to provide new tools to employees? If the former, then Google Apps is probably your answer. If the latter, then Office 365 with its robust and customizable set of tools that may be worth the extra money.

For more help deciding between the two solutions, check out our blog post on the Top 10 Google Apps vs. Microsoft Office 365 Comparison Guides.

Related Articles

11 Stats on Data Loss You Need to Know

Send to Kindle

data loss

According to Symantec’s 2013 Report “Avoiding the Hidden Costs of the Cloud“:

  • 47% of enterprises lost data in the cloud and had to restore their information from backups
  • 37% of SMBs have lost data in the cloud and had to restore their information from backups
  • 66% of those organizations saw recovery operations fail

According to The Aberdeen Group’s Report “SaaS Data Loss: The Problem You Didn’t Know You Had

  • 32% of companies surveyed lost data from the cloud.

Of these instances,

  • 47% were due to end-users deleting information
  • 17% were users overwriting data
  • 13% were because hackers deleted info

According to the Cloud Security Alliance’s Top 9 Cloud Security Threats in 2013

  • Data Loss is the #2 reason for data loss (up from #5 in 2010)

According to the Boston Computing Network’s Data Loss Statistics

  • 60% of companies that lose their data will shut down within 6 months of the disaster

According to CloudBackup’s Facts about Data Loss

  • 20% of small to medium businesses will suffer a major disaster causing loss of critical data every 5 years. (Source: Richmond House Group)
  • About 70% of business people have experienced (or will experience) data loss due to accidental deletion, disk or system failure, viruses, fire or some other disaster (Source: Carbonite, an online backup service)

You may notice that some of these stats actually contradict others. It may depend slightly on the number of companies surveyed, but in general, companies are not usually eager to admit they have suffered from these kind of hiccups. Telling the world that you accidentally deleted really important information just does not happen unless one’s hand is forced.

But regardless of whether it is 32% or 47%, up to almost half of companies have lost important business information in one way or the other — and oftentimes it was accidentally deleted.

Protect your business from these threats. If your data is on the cloud, then let Backupify help prevent you from becoming a statistic.

For more information on SaaS Data Loss, check out the Aberdeen Group’s Report“SaaS Data Loss: The Problem You Didn’t Know You Had”.

Cloud computing’s 10 false fears (and 1 legitimate concern)

Send to Kindle

Unjustified fears about the cloud

By definition, a cloud is hazy, foggy, vague and obscure. And when things are nebulous, our sense of worry heightens. Yet most of the time our fears of the unknown are unjustified, and they limit us more than they help us.

The kinds of fears we hear about the cloud are numerous.  Things like “If I put my data on the cloud, won’t it be open to the public?” to “How is my data safe if it’s in someone else’s possession?” to “Doesn’t Google control all the servers? What if they get struck by a thunderstorm?”.  CloudSuccess wrote a great summary of the unjustified fears commonly held by people considering SaaS applications.  The Top 10 Myths of Cloud Computing they list are:

      1. My data is less secure
      2. I won’t have full ownership of my data
      3. My system won’t perform as well in the cloud
      4. I’ll be caught by vendor ‘lock-in’
      5. My business is too small for the cloud
      6. My business is too big for the cloud
      7. Everything on the internet/web is cloud
      8. Cloud is cheaper than on-premise
      9. Cloud = Virtualization
      10. The cloud has more downtime

Just like each of these 10 myths above, many of the concerns we hear about the cloud are actually inaccurate. Security is not necessarily compromised on the cloud, especially for smaller companies that can’t afford enterprise level firewalls and security systems. Information won’t be open to the public, but ownership of data is not much different than when it is on-premise – your data will in most cases still be owned completely by you. Cloud-based apps have reliable connections and show downtimes lower than that of on-premise solutions.  And you can pretty simply migrate to the cloud or away from SaaS applications if you choose.

On the flipside, there is one major cloud-related concern people have that is quite valid. That is the concern of user error – how users can very easily delete, mislabel, misarchive, or override important information. Not taking proper precautions against this can result in accidental or purposeful deletion of important cloud-based data. In fact, 1 in 3 instances of data loss on the cloud are due to user error. Fortunately, there are easy ways (like backing up your cloud data and optimizing your web browser for your SaaS application) to mitigate the risks that are present in the cloud.

Our job at Backupify is to bring some clarity to the cloud and to allow education to alleviate the invalid fears our customers have. We want to show friends that the cloud is not as dangerous as most people think. And if you take proper precautions to secure your information, Google Apps for Business, Salesforce.com, and other cloud-based apps are excellent ways to streamline operations at your company, maximize productivity, and provide your employees with the convenience of accessing their work information from anywhere.

For information on optimizing your web browser for Google Apps security, check out these white papers:

Ten Steps to Optimize Mozilla Firefox for Google Apps Security
8 Steps to Optimize Microsoft Internet Explorer for Google Apps Security
9 Steps to Optimize Google Chrome for Google Apps Security

The 3 Scariest Threats to Your Cloud Data

Send to Kindle

pumpkinAsk any horror movie fan, the most dangerous threats are the ones you don’t see coming — and this is especially true for cloud application data. IT administrators have decades of experience dealing with on-premise hardware, networks and applications, so they know how to protect them. Virtually no one has even one decade of experience running major SaaS applications like Salesforce (first released in 1999) or Google Apps (debuted in 2006), so there are hidden threats for which experience has not prepared SaaS administrators.

The risk vectors described below are perhaps the three most dangerous threats to your SaaS data precisely because so many IT pros aren’t prepared for them.

3. Zombie Accounts

Zombie accounts are those accounts that are no longer in use, but haven’t been suspended, deprovisioned or deleted. When a sales rep leaves, the admin locks the user out of the account but never follows up to actually delete the account. The danger with zombie accounts is that, if they are compromised, no one is watching them. A subverted zombie user could steal, corrupt or delete data well before anyone is the wiser.

Many SaaS admins assume they aren’t sitting on any zombie accounts because SaaS apps usually charge on a per-user basis, so anytime the admin receives a bill, the zombie users would stick out and demand to be deleted — if only to recover the license fee. Not so. Some SaaS apps only bill on an annual basis, rather than monthly or quarterly. SaaS providers offer this billing option to support large organizations because big companies usually budget on an annual basis. As such, you have the deadly combination of a company with a large number of users within which a zombie account can hide, and a billing cycle that could keep a zombie account unnoticed for as long as 11 months at a time. That’s scary.

Zombie Account Defense: Eliminate them before they turn. Delete inactive accounts as soon as they have outlived their usefulness.

2. Rogue Users

User error is always one of the top two causes of data loss for any application, cloud-based or otherwise. This is because software has no way of distinguishing between legitimate and illegitimate commands. One slip of the mouse and a Copy command becomes a Delete command. Simple user mistakes cause between one-third and two-thirds of all data losses. That’s scary enough, but those numbers only describe the damage inflicted by accident.

Now imagine what a rogue user — one who is intentionally trying to cause damage — could do to your cloud data. Authorized users are, by definition, allowed inside your SaaS application’s defensive perimeter. Disgruntled employees can be your worst nightmare, as these users can do every bit as much damage as a compromised zombie account but with the added threat of knowing exactly where to look for — and destroy — valuable data.

Rogue User Defense: Trust no one (more than you have to). Most SaaS applications offer some degree of tiered access privileges. Never grant anyone more access than they need.

1. The Black Swan

A black swan is shorthand for an event that is so unprecedented as to be almost impossible to predict. Tech writer Mat Honan made headlines earlier this year when a weird combination of Amazon and Apple security procedures allowed hackers to wipe out virtually all of his online accounts, as well as purge the local data from his laptop. What made this epic hack so remarkable was that Apple and Amazon’s security procedures both protected their own systems, but it was the combination of data that both providers disclosed that allowed hackers to assume control of all of Honan’s linked cloud accounts. Almost no one could have seen that coming. While Honan’s loss doesn’t fit the classic definition of a black swan event, it matches the general profile of an all but unforeseeable security failure.

Given the complexity of SaaS applications and the relative immaturity of cloud application security standards, it’s highly likely that another such black swan event will occur — one that may well compromise your own SaaS application data. That’s the very image of a security threat you can’t see coming, and nothing could be scarier than that.

Black Swan Defense: Call for backup. An independent backup copy of your SaaS data, kept separate from your production cloud accounts, can allow you to recover from a cloud failure that no built-in security or disaster recovery feature can handle.

Bottom Line

SaaS is new ground for lots of IT professionals, and while cloud-based applications carry some demonstrable security and data integrity advantages (notably in hardware redundancy), the cloud is still new territory for most of us. It requires new procedures and new best practices. With a little preparation and forethought, the cloud can be more versatile and adaptable than on-premise systems, but you have to adapt your security protocols to ensure your cloud benefits aren’t undone by hidden security costs.

Note: This article originally appeared in Wired Insights Innovation, found here.