From reading the press you might think the debate around migrating business applications to the cloud is over, but the reality is different. The benefits around scalability, remote access and increased agility, innovation and cost control are clear. Yet, the truth is too many businesses are still talking about the cloud, rather than implementing it. The endless debate about the potential drawbacks consumes time, cost and resources and can paralyse decision-making about cloud deployment. I speak with a degree of confidence and experience having deployed and transformed 90% of our estate into the cloud, including mission critical applications like our ERP as well as business critical applications like payroll — most of the concerns that arise in these conversations are misplaced. The cloud has always been surrounded by various myths, but there are four we should debunk because of their damaging persistence. These are:
- Data stored in the cloud leaves organisations open to security breaches;
- Availability and performance will suffer;
- Disaster recovery times will be negatively affected;
- Handing over mission-critical software over to a third party increases compliance risk.
We need to consider each of these in turn.
1. Data stored in the cloud will leave organisations open to security breaches
Many businesses worry that having their data stored in the cloud is risky. Often, that’s because they feel they are giving up control to a third party. It is a fear that has been around ever since the cloud became viable for business, yet cloud security has constantly advanced. As early as 2012, for example, cloud access security brokers became available, offering supervision of unauthorised software activity, shadow IT and helping maintain compliance.
Security has come on much further since then. Even for a global payroll, for example, data is far more secure in the cloud than on-premises, where information is often kept in spreadsheets or lodged with accounting firms in different countries.
Cloud service providers have all invested heavily in best-of-breed security and need to satisfy stringent data processing and data privacy regulators. They have significant liabilities to worry about and teams dedicated to keeping data secure. Cloud service providers have far more resources allocated to the daily monitoring and action on cyber security than your own organisation could realistically invest in. Your company remains the Data Owner and Data Controller with cloud solutions, so no control is lost. Stanford University has shown that 88% of cyber incidents or data breaches occur because of human error, not because your data or solution is in the cloud.
How Confidential Computing is dispelling the climate of distrust around cloud security
2. Availability and performance will suffer
All organisations need to be sure they have fast access to their data and applications, otherwise efficiency takes a hit as employees wait for their screens to become live again or machines to restart. Yet for most enterprises, availability increases in the cloud when compared to on-premises, particularly for multi-location businesses and remote users.
While affordable 100% data centre availability is still a long way off for most enterprises, businesses often look for a contractual commitment to 99.9% plus uptime. This is where cloud providers should do more to deliver.
The search for 100% availability often makes organisations invest heavily to achieve it in the cloud. They should realise that even if they had a solution installed in their own data centre, achieving 100% availability would involve significant cost. Just because it is not on offer is no reason to hesitate about deploying to the cloud.
The use of cloud also drives enhanced business performance. High availability and low latency mean improved network performance. The ability to continuously integrate developers’ work and deploy software upgrades quickly and at regular intervals helps further boost performance. On top of that, the flexibility and agility has been proven during the pandemic period with remote or home working for those companies that had their solutions within the cloud. Performance increased as employees worked at home using a browser and VPN globally to connect to the company’s systems.
Cloud is also a key first step on the road to digitalisation. From there, businesses can automate whole processes. Take the lead-to-cash process, for example: in the cloud it is easier to integrate different processes end-to-end quickly and efficiently: from campaign management into CRM to create the opportunity, into a sale with an order form out into an invoice to the customer and then back in to receive the money. It is about fast time to value and enhanced productivity.
3. Disaster recovery times will be negatively affected
One of the first questions heard when discussing a move to the cloud is: “How quickly can my data be recovered?” A flood, a fire or a cut cable can all leave a business marooned from its data and incapable of operating.
In fact, depending on the size and scale of such events, recovery times for an on-premises disaster can range from days to weeks. Given that, it’s unsurprising that the Spice Works ‘State of IT’ report found 38% of respondents cited enhancing disaster recovery capabilities as a key driver of moving to the cloud.
Whatever cloud vendor is chosen, they should be able to tell the business precisely where its data is housed and how it’s shielded. It should also encrypt that data at all times, both in transit and at rest.
Ideally, a vendor should be able to tell its customers how unlikely disaster recovery would ever be – but should also be able to offer some spread of backups, so that a complete backup could still be performed if a natural disaster destroyed all data centres in a particular area. Most cloud providers have a primary data centre where a customer solution is housed with automatic incremental real-time back-up to a secondary data centre offering much better recovery and restorations service levels.
Accelerating IT disaster recovery with unified backup
4. Handing over mission-critical business software to a third-party increases compliance risk
Compliance with data regulation is a prerequisite for all businesses now. A compliance failure can result in significant fines and the long-term damage from loss of reputation. Industries such as banking and financial services also have their own strict regulatory regimes governing reporting data.
With on-premises solutions, organisations trust they have the right infrastructure and people to support key compliance requirements such as GDPR and the ISO27001 certification for data security management – but these standards can also be achieved in the cloud and faster.
Global software providers frequently have the depth and breadth of skillsets to provide deeper and more thorough support for changing and evolving business needs in the cloud than a business itself. Cloud data centres and cloud hyperscalers already provide certified infrastructure and middleware on the solution stack meaning achieving both ISO and SOC compliance becomes more expedient.
The question of moving to the cloud is increasingly one of ‘when’ rather than ‘if’’. Yet, all the myths outlined above continue to inhibit cloud adoption when they have little basis in reality.
Businesses need to overcome their fears based on the old myths because cloud deployment is a key first step on the road to digitalisation. From there, they can automate whole processes. The cloud is now so well-established and delivers such obvious cost, efficiency and agility benefits there is no point procrastinating, waiting for the 100% perfect, bespoke cloud experience. Migrating to the cloud is about fast time to value and enhanced productivity, greater scalability and improved agility. There are innumerable businesses that will reap all these rewards if they start their cloud migration today. Trust me, your business will adopt digitisation and solutions faster in the cloud!