Whilst there are bullish projections for the expected take up of cloud computing, apparently there remains a significant degree of ignorance of what it really means amongst IT leaders in Europe. As reported in CW this week (http://www.computerweekly.com/Articles/2009/11/17/239225/cloud-computing-unfamiliar-territory-for-it-heads.htm) a recent survey by Portio Research revealed that more than 50% of IT decision makers reportedly knew very little about cloud computing whilst, of those familiar with the technology, more than 75% were already rolling it out within their enterprises. Does this mean that the ignorant majority are missing a trick? Are their enterprises in danger of losing competitive advantage through continuing to ignore what perhaps promises to deliver significant cost savings and efficiencies to their businesses?
The apparent lack of CIO understanding of cloud computing, coupled with another recent survey (from Coleman Parkes for Fujitsu) which indicated that CIOs have a tendency to play safe with proven technology rather than take an informed risk on innovative solutions does raise questions of governance. With all of the media discussions on cloud computing it is probable that the CIO's boardroom colleagues will at least have heard the term and may be curious about what it means and its potential business benefits. Indeed it would be disappointing if Board members did not ask such technology focused questions periodically. Therefore CIOs, where this is a gap in their confidence or knowledge, would be well advised to ensure that they rapidly become properly informed on cloud computing and what it might mean for their enterprises. There is no shortage of knowledge on the web and many consultancies and solution providers are anxious to promote their own cloud computing services. However, as with all new technologies there is a significant degree of hype around cloud computing which needs to be overcome in order to understand the true opportunities and risks. There is a well balanced paper available from ISACA (www.isaca.org) with the snappy title 'Cloud Computing: Business Benefits with Security, Governance and Assurance Perspectives' that many should find helpful.
One of the key implications of cloud computing is the fact that enterprise data no longer is held physically by the enterprise. Enterprise data, much of which may be sensitive or confidential, could be held anywhere in the 'cloud'. This raises security issues that need to be addressed therefore any discussion on implementing cloud computing must involve the security and privacy specialists who can ask the right questions and ensure that the security risks are properly understood and mitigated. At the very least processes detailing the way information is stored, archived and backed up will need to be revisited. There may also be issues of trans-border data flow as physical location often dictates jurisdiction and legal obligation.
Many traditional outsourcers may already be using the cloud. This raises the question of how they are managing this different risk. From a governance perspective this would be a good question for their customers to be asking of them.
Cloud computing is not just a new technology. It is a whole new way of providing IT services to an enterprise. There will be technical, security, privacy, business process and governance issues to be addressed. The cloud computing FUD factor is still dangerously high. Opportunities may be being missed whilst risks may be improperly addressed. Knowledge is essential. All businesses will need to consider whether or not the cloud is for them. Ignorance or denial can only bring grief.

Recent Comments