Filed under: Copyright, Patents, Trademarks | 27 August, 2010 | by Chris Lightner

*Originally Published in Spring/Summer 2010 IP Section Newsletter by Chad Graves

“The cloud” is simply the ability to access data and key applications through an internet connection instead of the corporate network. When utilizing the cloud from your office, you only require a high speed internet connection; and, while outside the office, you can achieve the same user experience with a Wi-Fi connection at a restaurant, the airport or a bookstore.

Today, your company data is likely stored in a dedicated room containing multiple servers which host and safeguard the digital lifeblood of your organization. Physical access to these servers can be controlled, while automated reports and blinking green lights reassuringly confirm that all systems are working properly. But constantly  monitoring, maintaining, updating and upgrading this infrastructure are a constant drain of both human and financial resources. As computing requirements continue to grow, it becomes an increasingly daunting (and expensive) task to manage your sprawling network of servers.

Fortunately, the decreased costs and increased availability of high speed internet connections presents the opportunity to move some of these systems off-site to massive data centers with colossal computing power and near unlimited scalability. With a cloud solution, you connect over the internet to a server farm (instead of to the server room down the hall) with little noticeable change. All the programs, icons and shortcuts look the same to the end user; they are simply hosted somewhere else.

Physical Control: Where is your data stored?

In a traditional environment, you have control over your hardware. If a server fails or becomes over tasked, data must be moved to a new physical server. This can be quite a chore and often takes hours to accomplish. In addition to network downtime, end users are often required to jump through new hoops to access their information.

Meanwhile, companies like Amazon, Google and Microsoft have invested billions in worldwide infrastructures to ensure lightning fast access of their services anytime and anywhere in the cloud. The benefit of their investment to you is your data can also be seamlessly transitioned from one server to another to alleviate bottlenecks regardless of where those servers may be physically located. To the end user, these transitions from one server to another are invisible.

However, while the thought of your data navigating mammoth fiber-optic connections and traversing thousands of miles in milliseconds may sound cool, it also brings up some interesting questions when federal compliance standards are considered. In the example above, your data may move from one U.S. city to another or it could be travelling between cities in Europe or South America. Businesses must understand how the physical location of their data may impact their businesses from a regulatory standpoint.

Data Availability: How do I know my data will be there when I need it?

In a traditional environment, companies are willing to invest in the necessary infrastructure to ensure 24/7 access to their mission-critical applications and data. But when you give up physical control of your applications to the cloud, you also relinquish your control over the availability of those applications and your data. Statements like this from the Google Docs Terms of Service agreement only serve to heighten those fears.

“As part of this continuing innovation, you acknowledge and agree that Google may stop (permanently or temporarily) providing the Services (or any features within the Services) to you or to users generally at Google’s sole discretion, without prior notice to you.”

To be fair, Google Docs is a free service; so we must balance our expectations for availability of the service against the cost of the product. Further, this is not to suggest that Google (or any other service provider) would ever lock you out of your account if they could avoid it. In fact, it’s in their best interests to make it as painless as possible for you to access your data. But it is important to fully understand a hosted solution’s Terms of Services as it relates to continued availability of the service and your data.

Data Restoration: How is my data backed up?

When your servers are onsite, your IT administrator manages routine backup and restore functions. He likely has  software to alert him if the nightly backup has been successful or failed. If implemented properly, the restoration process generally takes only a couple of hours to identify an issue and retrieve any lost data. To work properly, your technology team must be vigilant to insure that these processes are running as designed.

Most cloud services rely on their massive infrastructures to reduce the possibility of data corruption. Many have strong back-up and data restoration functions in place, but often the end user is ultimately responsible to copy files and folders and ensure adequate backup. In such cases, backup procedures can be managed utilizing an encrypted external hard drive or USB flash drive for users of the hosted solution. Encrypting the data makes it extremely difficult, (if not impossible) for most criminals to crack in the event the devices are lost or stolen.

In both cases (whether keeping your servers in-house or moving them to a data center), strong, well-defined policies must to be implemented that clearly define your backup procedures. All too often management simply trusts that back-up functions have been properly implemented without testing these assumptions… until it’s too late. In any office, no matter the size, it is crucial for management to insist on regular reports on their on-going back-up processes from their IT staff or hosted services provider.

Data Security: Who has access to my data?

Ultimately, security must be the key issue to consider when moving to a cloud solution. When your data is onsite, physical access to the servers can be closely tracked and monitored and many business owners take comfort that their data is safe and secure behind the company firewall. However, increasingly complex Federal and state regulations are putting more pressure on companies to strengthen their security policies and to tighten controls on data to ensure the privacy of their clients and employees.

It is no small feat to navigate the byzantine rules of Sarbanes-Oxley (SOX), Gramm-Leach-Bliley, the Health Insurance Portability and Accountability Act (HIPAA) and dozens of similar laws.  Therefore, especially when considering a move to a cloud solution for your confidential data, companies must identify a trusted partner who fully understands these compliance issues and is prepared to help them manage their liabilities.

Cloud Computing Is Here to Stay

Online banking, personal email accounts, and social networking sites are all examples of the cloud-based services many of us use every day. We already trust some of our most important personal information to faceless data centers without thinking twice. So, ready or not, “the cloud” with all of its strong potential and its many pitfalls has already become a practical reality.

But the question remains, what are its implications on the future of your business?

***

Chad Graves is the founder of Graves Technology Group, a Microsoft Gold Certified Partner. As a full service technology consulting firm, Graves Technology focuses on translating an increasingly complex technical language into a business- oriented dialogue. Graves Technology prides itself on listening to client needs and sharing its knowledge as it implements and manages the client’s information technology network.