Don’t you feel like the cloud hype’s got too ubiquitous? It’s not even cool anymore! You could even find it annoying from time to time…
Still, you find cloud solutions useful every day of your life. They are present both in personal and business life. And they make your routines faster, easier, and more comfortable. For many applications, the cloud seems like an obvious choice. If you think it through, you won’t find any reasonable reasons not to put them in the cloud.
But, as with all other things, the cloud isn’t one-size-fits-all. What should you consider when thinking of migrating to the cloud?
Data in a cloud
The most significant factor is the data planned to be processed with the application. You can’t process data in the cloud without sharing it with a cloud provider. Unless the information is securely encrypted, the vendor has unrestricted access to it.
Other companies’ information
To do business, you usually need data from other entities – clients, contractors, etc.
But what’s the problem with that? Many companies process sensitive personal data in the cloud, even in a GDPR-driven world! But it’s not the personal data that businesses protect the most.
Intellectual property usually outvalues personal data by far. For many companies, intellectual property confidentiality determines their competitive edge. The best-known example is, of course, Coca-Cola with its top-secret recipe.
Some companies won’t let you share their intellectual property with anyone. As processing data in the cloud means sharing it with the cloud provider, it means a no-go for you in the cloud with this data.
Own internal regulations
Companies restrict access to intellectual property not only for their contractors. They limit it in their own internal regulations too.
Management boards and lawyers of many companies don’t want to risk stealing their secrets from competitors. To protect them, they limit sharing them with other entities as much as they can.
As I mentioned, you can’t stop a cloud operator from accessing your data in his solution. Thus, companies sometimes decide to keep their data on-premise. They state it as a part of their data protection strategy.
Export control
Many countries agreed that people couldn’t trade weapons across borders without control. It seems reasonable.
Yet, it gets complicated when you go deeper into details. A truck is not a weapon. But what if it’s painted green and customized to transport armed troops? The diesel engine of this truck is not a weapon. But what if it’s also used to power a tank?
Issues like this led to creating complicated regulations on what is and isn’t a weapon. Many products aren’t weapons but can be used as parts of weapons, like the truck engine in a tank.
Many companies process data classified as military or dual-use. Exporting this kind of information – even through the Internet – is forbidden. To do it a company needs special permissions – licenses – issued by countries.
What if the company wants to process it in a cloud solution? Clouds are usually spread between different countries. Even if it’s a neighboring country, God only knows the paths the data goes through to get to the destination.
Processing data identified as military or dual-use in a cloud exposes companies to many risks. As an IT manager, you wouldn’t take them on your shoulders. Or, more likely, you wouldn’t be allowed to do it.
Conclusion
Companies may refuse to migrate to cloud solutions even if it seems very beneficial.
If you’re an IT Manager, you probably already know data processing regulations in your company. If you have any doubts, consult with your legal department about the limitations of processing data in your company.
If you sell IT solutions, you may face a refusal to very beneficial offers of cloud-based solutions. In these situations, your prospect may have one or even several of the above limitations. If so, you probably won’t be able to convince him to change his mind. He may not be willing to even share the reason with you, as all these considerations relate to data privacy.
Cloud solutions are great, but some data was not born to be processed there. As long as the cloud provider has access to their customers’ data, it will stay like that.