Cloud computing is spreading with a vengeance - for businesses and consumers alike as it becomes the new digital norm. Australia has seen particularly high rates of uptake having been placed fourth in the Cloud Readiness Index 2016 for cloud implementation and growth strategies.
Cloud’s traction in Australia may be attributed to its capacity for convenience, flexibility and agility across industries and for individuals. While both consumer and enterprise cloud have had popular approval, their designs are completely different.
Consumer cloud-based applications are designed for ease-of-use, to be implemented quickly but compliance with corporate guidelines or national data governance regulations often falls to the wayside in favour of agility. By contrast, enterprise cloud applications ensure that a business complies with internal and national or international regulations, and keeps sensitive information confidential. In addition, these applications focus on enterprise-critical features like security, auditability, and data sovereignty.
The use of cloud for businesses is obvious. Using cloud-based applications often requires less work and costs less than having to build, host and maintain a data centre. Cloud also often provides increased scalability and frees up valuable IT resources. While growth in cloud services has resulted in increased choice, it also increases risks to companies without a defined strategy or policy around usage of corporate data.
Three Differences between Enterprise and Consumer Cloud Applications
Here are three crucial differences that businesses should consider when looking at the appropriate cloud-based solution for information management: security, auditability, and data sovereignty.
Privacy and Security
Security is a concern in both consumer and enterprise cloud applications and has gained increasing relevance as cloud has become the lynchpin of data management and storage. However, as we’ve all seen, security breaches are on the rise, with Price Waterhouse Coopers citing a 38% increase in information security incidents between 2014 and 2015.
For corporations, information security and privacy must be a paramount concern. In the digital age, information is the new currency and needs to be carefully safeguarded. In choosing cloud providers, enterprises must consider the use cases, and work to ensure services are given the required level of protection.
Enterprise cloud applications typically give prime consideration to privacy and security, and are built to manage critical information assets. They provide secure access in a variety of ways, with the level of sophistication depending on the customer’s requirements or compliance standards that are a priority for IT departments.
While all consumer cloud applications offer some degree of security, often found in the T&Cs, most include clauses that say changes can be made at any time without notification to users – and this happens often. This makes it difficult to ensure that an application will meet an organisation’s compliance guidelines now and in the future.
Auditability is of prime importance for enterprise data – whether stored on premises or in the cloud – and this something that should be at the foundation of enterprise data management, rather than an afterthought.
An important capacity for enterprise cloud is the ability to have visibility into the security and management of data and applications. Business customers are contractually obliged to perform a security audit if and when it’s needed (unlike consumer cloud providers), so understanding of security levels for enterprise cloud users is an important factor.
When information is sensitive or confidential, enterprises must be able to identify who has clearance to access the data, who has accessed said data and how it might have been changed or used. Enterprise cloud applications normally build in these capabilities for business customers, while consumer applications might not.
Finally, enterprises must consider the consequences if they must withdraw from their a cloud application, if they decide to change applications or if the vendor goes out of business. Firms need to be sure their contracts specify that they alone own their data and can retrieve it at any time.
The premise of cloud computing is that no matter where you are in the world, or which device you’re using, you can access your information in the cloud. However, the reality is that the location of cloud data centres is vitally important when corporate data is involved.
Most countries have regulations about where personal or private data can be stored, and companies that disregard data sovereignty regulations can face huge fines. For organisations to ensure the information in enterprise cloud applications is managed in compliance with data sovereignty rules, they must be able to rely on legal contracts that stipulate their specific requirements. This is often not an option with consumer cloud providers, and some have gone so far as to state that they are not concerned about data sovereignty.
Developing a cloud strategy requires the careful consideration of business processes, workloads, security rules, and compliance requirements, But Companies taking these steps are already seeing the benefits of the cloud. A study by KPMG in 2014 found that 73% of respondents reported seeing improved business performance after implementing cloud-based applications and strategies.
To achieve positive results, though, enterprises need to ensure that their particular cloud application fulfils their specific business needs, having a capacity for current demands but also the flexibility to adjust according to changing conditions as the business landscape itself changes.
Article by Mike Lord, Vice President, Australia & New Zealand, OpenText