Are you thinking of adopting a cloud based service or program? If yes, it’s a sure chance that you are aware of recent highly publicized issues in the media. These issues present a risk to the cloud, one that may turn businesses away from it. We aren’t going to deny the risk with any cloud solution, as every action has risk associated with it. For a cloud solution to be successful, managers need to know how to manage the risk associated with using the cloud.
Here are the three main types of perceived cloud risks that companies need to be aware of in order to effectively introduce a cloud solution.
Preventable risk
Preventable risk is risk that is largely internal, or risk that arises from within the organization. This form of risk is largely preventable and indeed should be dealt with before the adoption of any new cloud solution.
Most companies have found that preventable risk results from employee actions, usually actions that are illegal, unethical or are against established procedures. Before the adoption of any cloud solution you should take steps to first define these internal risks and how they fit with the parameters of the proposed solution, then take steps to address these risks. This normally includes constant monitoring of the use of current systems, along with established boundaries of use.
If you don’t address internal risks – e.g., employees sharing illegally downloaded files, (which could land you in some very hot water legally), risk will be increased exponentially, or the project could fail.
Strategic risk
With new technologies like the cloud, that can be disruptive, there is always a higher level of risk involved. This form of risk, that is a risk involved with a strategic decision that will net the firm higher returns, is inherent. While it’s not bad, it should be accepted in order to realize gains of any kind.
In other words, the higher the pay off, the riskier it will be. To manage this type of risk you need to have a plan that prepares for this. Cloud technology is still in its infancy, so there can and will be problems which may or may not put your entire organization at risk. Relying 100% on it is a poor way to manage risk. A strategy that includes backups of data and operations in the cloud, or having another system that can function in reserve, is an effective way to manage strategic risk. By employing something like this you can, in turn, take a larger risk; more cloud solutions.
External risk
External risk is any risk that companies can’t control or influence. This includes risks due to natural disasters, upstream/downstream production strikes, political situations, etc. Because it’s nigh on impossible to manage these risks, a strategy that aims to identify potential external risks and then take steps to mitigate fallout from occurrence is needed. This process is commonly called ‘business continuity’.
A good example of nature affecting the cloud happened in recently, in late June, when Amazon’s data storage facility was struck by lightning, and backup generators failed, which took many services offline for hours. Companies that relied on Amazon’s cloud servers like Pinterest and Instagram, who didn’t have backup sites, were forced offline, causing a large loss in profit, not to mention some very unhappy users. This could have been prevented if A. Pinterest and Instagram had backup sites, and B. Amazon had a more robust redundant system.
Naturally, it’s easy to be Captain Hindsight and go around pointing out what should have been done. You can learn from these incidents and look at how the company mitigated risks before and after, and try to implement them into your organization. If you need help identifying and coming up with ways to mitigate risk related to the adoption of cloud solutions, give us a call, we can help.
Published on 4th October 2012 by Jeanne DeWitt.