Cloud Computing: It’s All Good – or Mostly Good

A ZDNet article entitled Cloud computing: Four reasons why companies are choosing public over private or hybrid clouds makes a case for the value of the public cloud.

The reasons:

  • Innovation comes as standard with the public cloud
  • Flexibility provides a business advantage
  • External providers are the experts in secure provision
  • CIOs can direct more attention to business change

This is all good – or mostly good.

The caveat is that the use of the cloud can fail if a business adopts the cloud without thinking it through from the perspectives of mission criticality, security, privacy, and continuity. If a business runs mission critical systems in the cloud, and that system fails, the business could be out of business.

The IT Manager no longer has to consider day to day issues around keeping software and security up to date. But they still have to consider higher level issues.

It is important to understand what the needs are for the situation at hand. A system that is not mission critical, or does not contain sensitive information, for example, would not require as much scrutiny as a system that runs an e-commerce site.

Issues to consider include:

  • how mission critical the system is
  • what the consequences are of a short term and long term outage
  • how confidential or personal the information is in the system
  • can the information be encrypted in transit and at rest
  • how robust the vendor’s continuity plan is
  • the need for the business to have its own continuity plan – such as a local copy of the data
  • how robust the vendor’s security is
  • does the vendor have third party security validation to accepted standards
  • does the vendor’s agreement have provisions that back these issues up with contractual terms and service levels with meaningful remedies






  1. Hi David

    The Law Society of British Columbia has an excellent and very detailed checklist on the things to consider when going to the cloud. It is available here:

    They also have an excellent due diligence guideline:

    Dan Pinnington
    VP Claims Prevention and Stateholder Relations
    Lawyers’ Professional Indemnity Company

  2. Dan:

    Thanks for the shout out over our Cloud Computing Checklist and Guidelines.

    Much appreciated.

    David J. Bilinsky
    Practice Management Advisor/Lawyer
    Law Society of British Columbia

  3. Addison Cameron-Huff

    Many cloud services are far more reliable than the on-premise or DC-hosted solutions that people use now. For example, many offer replication across several geographic regions that would be very expensive to develop internally (and that most businesses don’t use). Whether you’re running “in the cloud” or elsewhere, you’ll need to consider what happens when the system fails and how that failure will be dealt with. I don’t think cloud changes that picture very much but it does give companies access to battle-hardened systems run by very competent technical staff.