In our recent article “Our guide to the pros and cons of the cloud“, we highlighted some of the advantages and disadvantages of the cloud that every firm should be aware of. Here, we’ll be explaining how choosing the right cloud product and asking the right questions can help deal with the potential drawbacks that we highlighted, and put you on the path to success.
Despite the obvious advantages of the cloud, many people remain sceptical about trusting their key data and applications to this technology, with a range of security, privacy and technical issues weighing heavily on their minds. But with the right cloud-based tools, firms can go a long way to eliminating many of these concerns and have faith that the cloud can help them on the road to success.
Is your data secure?
The issue of security is often among the first questions people ask when they are looking at the cloud – particularly when data security has been much in the news lately following a series of high-profile attacks.
You may not like the fact that your data is no longer stored on your own servers where you can keep an eye on it. But one of the great advantages of entrusting your sensitive data to the right cloud provider is that you can be sure it will be protected by the best defences in the industry.
The right cloud provider will devote large resources to maintain the latest protections, and companies can be sure they get security patches and updates as soon as they are available. This can be particularly important for mid-sized businesses who may not be able to afford to dedicate the time or financial resources to building a top-quality security system that can match those of larger rivals.
When choosing your cloud provider, and if you feel it is appropriate, you should request to review their security audit certificates so that you can be sure your their security is up to scratch.
The cloud-based tools that we offer have comprehensive security features:
- Role-level access and idle disconnect – users can only use data and application functionality that is related to their responsibilities; NetSuite automatically locks the application when idle connections are detected to prevent unauthorised access.
- Strong encryption – 128-bit SSL encryption for user login and all subsequent data has the same level of encryption used by online banks.
- Application-only access – users can only access the application, not the underlying database.
- IP address restrictions – IP address restrictions further minimise access to a user’s account; easily configure to ensure only specific computers and / or locations can access NetSuite.
- Strong password policies – NetSuite provides fine-grained password configuration options – from minimum password length and complexity to timeframe-based password expiration; they support password policies to ensure that new passwords vary from prior passwords and have a combination of numbers, letters and special characters; NetSuite accounts are automatically locked out after unsuccessful login attempts.
- Account settings and global controls – administrators control the account settings of all Box users and can easily configure permissions and privileges for the entire organisation, a department and / or individual user accounts.
- Secure data centres – content is stored on enterprise-grade servers that undergo regular audits and are monitored 24/7 to ensure data protection. Data centres have uninterruptible power and backup systems, plus fire / flood prevention at storage sites.
- Redundancy – Box uses multiple data centres to host its application and data, providing essential redundancy. Files are backed up daily to additional facilities.
- Data encryption – Box uses state-of-the-art technology and industry best practices for data encryption during transit to and from the Box cloud, as well as while stored within Box. Encryption at transfer with 256-bit SSL and at rest with 256-bit AES.
- Comprehensive reporting & audit trails – Box provides reporting capabilities and comprehensive audit trails for nearly every action or activity that occurs within Box. For example, track username, email address, IP address, date/time for all actions and use pre-defined reports to give insight into potential security concerns.
- Comprehensive backup – all your critical data is automatically backed up on Google servers while you work, so when accidents happen – if your computer crashes or gets stolen – you can be up and running again in seconds.
- Increased security and reliability – Google’s data centres are custom designed and built to minimise the number of potentially exploitable vulnerabilities, and Google’s information security team constantly monitors and updates the network to protect against new threats.
- Strong encryption and authentication – Google Apps offers an extra layer of security with two-factor authentication, greatly reducing the risk of hackers stealing usernames and passwords. Browser sessions are automatically encrypted to help protect your data as it travels between your browser and Google’s data centres.
Businesses may also be worried that they will no longer have control over the functionality and execution of their operations, but this can be eliminated with the right tools.
NetSuite, for instance, offers a high degree of customisation so businesses are always able to get a solution that specifically fits their unique needs. Integration with many other systems and easy migration from other tools also ensures firms have the flexibility to fit NetSuite into their existing operations.
And one of the great things about cloud solutions is that they are completely flexible, so if your functionality requirements change over time, then your solution can change with you.
The right cloud provider will work with you to find your perfect IT solution and fit it in seamlessly with your existing operations, rather than trying to shoehorn your business into a particular product.
A quick note on data ownership:
One of the biggest perceived disadvantages of cloud-based solutions is a loss of control over your data. When it comes to data ownership, you still own and control it. It is important to note that you will still be ultimately responsible to regulators for the security of your data, and pointing the finger of blame at a provider should anything happen is not a defence.
You can mitigate the potential risks by taking the time to fully understand what tools are in place and who is responsible for each aspect. Firms need to study their cloud provider’s service-level agreement (SLA) closely to determine exactly what each party is responsible for.
This should also cover issues such as what happens to data stored on cloud servers at the end of a contract. You might assume this will automatically be scrubbed, but this isn’t something you should take for granted. And if it’s financial data you may be legally required to keep it for five years or more, so this is something to be aware of.
Technical issues and downtime
Meeting concerns over security, privacy and control will be irrelevant if the performance of a cloud solution is not up to scratch – and high availability will be one of the most pressing concerns for many firms in this area.
NetSuite offers customers a guarantee of 99.95 per cent uptime across its entire range of applications, as part of its standard terms of service. Should it drop below this for any reason, businesses can expect to receive compensation. It also offers a website where users can check the status of applications, with real-time information about any disruptions and expected resolution times.
Similarly, Box and Google Apps both guarantee a 99.9 per cent network uptime.
If you would like to know more about how our cloud tools mitigate the cons of the cloud, please don’t hesitate to get in touch.
Please leave your comments below and share with your colleagues.