By the end of the year it is predicted by Vanson Bourne that 90% of all businesses in the UK will be using at least one Cloud service. This represents a 62% increase from the position four years ago and demonstrates the array of choices that UK businesses face when contemplating their IT requirements.
While there are an increasing number of services available, it’s worth considering how your business can truly benefit from the Cloud:
- Cost: Cloud services undoubtedly offer savings in comparison to traditional onsite server solutions. Companies no longer need to replace costly hardware and Cloud providers will also cover the cost of software updates.
- Accessibility: The way we work has changed, and the days when the office was the only place to conduct business are long gone. Cloud services allow easy access to shared files and networks regardless of the location or the device being used.
- Security: Despite some of the headlines that made the front pages in 2014, reputable Cloud providers dedicate a large amount of their resources to security. Not only do they ensure that encryption software is updated with adequate protection, Cloud providers can also react swiftly to prevent sensitive data being accessed if devices are lost or stolen. Bearing in mind that over 900 laptops are lost in Heathrow airport each week, this can provide some comfort.
- Storage Capacity: Cloud providers can offer almost limitless storage, and this is perhaps one of the most appealing advantages. Many Cloud providers offer ‘pay as you go’ rates or other sliding scale payment schemes. This can be especially beneficial for small and medium sized businesses that may need to call on extra capacity at short notice.
Before you sign up to what appears to be the best offer, it’s prudent to be aware of the legislation surrounding how your data is stored. Within the UK, the Data Protection Act 1988 (“Act”) governs the use of personal data. This means that if a company based outside the UK uses equipment within the UK to process personal data, or is processing data about individuals in the UK, then that company must comply with the Act.
In the EU, the Data Protection Directive can be interpreted differently within each EU country. If a company based in one EU state processes data in another EU state, the legal requirements could well be different between the two. This year a new EU Data Protection Directive is expected to become law that is intended to eradicate this ambiguity and bring in uniform requirements throughout the EU.
However, beyond the EU, foreign legislation can provide considerable issues. For example, if data is stored in India, the Indian Central Government has the power to authorise “any agency of the Government to monitor and collect traffic data or information generated, transmitted, received or stored in any computer resource”. There is no requirement for a warrant or a court order to access the data. The fact that the protection provided by the Act stops once the data leaves UK shores should be given consideration. It may be that for peace of mind over how your data is accessed, finding a UK Cloud provider that houses its data centers in the UK, such as Westcoast, is the answer.
Wherever your Cloud provider is based, businesses should also lend thought as to how they utilise their IT and Cloud services. This year it is estimated that 80% of UK businesses will operate a hybrid IT system of both Cloud and onsite IT. A recent survey conducted by BT of 1,000 IT “decision-makers” found that 89% of company departments now purchased their own IT rather than requesting it from their IT department. This, coupled with the increase of BYOD, means that many CIOs are unaware of the exact IT that is being used within their companies. The growth of ‘shadow IT’ is a growing feature in UK businesses and when any new IT service or software is implemented in your business, be it Cloud or on site, data protection should be a significant consideration. Review your IT policy and training to establish how relevant this actually is. Ensuring that you have adequate data handling policies in place is paramount. Measures should be in place to prevent former employees accessing your Cloud facilities. Likewise, knowing which apps or software employees use on their own devices will help to protect your data securely. A spring clean of your IT policy is likely to be time well spent.