How Small Businesses Should Best Play the Cloud

by Cal Braunstein

.

 

 

Monitoring Security Compliance

No discussion of cloud solutions would be complete without a discussion on security and compliance. While cloud providers may have the responsibility to address both elements for the company, accountability remains with the corporate executives.

Thus, executives need to ensure that there is regulatory compliance and transparency and, if applicable, compliance with the interim safe harbor rules. In October the Court of Justice of the European Union (CJEU) invalidated the 15-year-old Safe Harbor agreement between the EU and U.S.

There is an interim solution in place and, if one is moving personal data from the EU to the U.S., one’s cloud provider needs a method of handling the data properly lest the EU regulators choke off the flow of personal information to the U.S.

Executives need to also understand the security features of the SaaS offering and terms and conditions of the agreement. Wherever possible, data should be encrypted both in transit and at rest. Access to the data should be tightly controlled and executives should ensure that the data belongs to the company, not the vendor.

Additionally, vendor access to the data should be limited to that needed to administer and protect it, and ceases after termination.

Summary

Use of SaaS applications offers SMBs an opportunity to compete effectively with large enterprises that are able to create their own in-house mass personalized digital discourse. This competitive advantage and potential revenue driver far outweighs any cost savings advantages.

Business and IT executives should focus on the revenues more than the cost savings and any return on investment (ROI) analysis should validate the upside revenue gains derived from the move if the shift to the cloud is to occur. 

Related articlres:

3 Things to Consider When Moving to the Cloud

A Real-time Cloud Virtual Office Migration 

Backing Small Business Up in the Cloud