Off Premise Corporate Data Storage
Cloud storage is a broad term. It can encompass anything from on premise solutions, to file storage, disaster recovery and off premise options. To narrow the scope, I’ve dedicated the focus of today’s discussion to the more popular cloud storage services—such as Dropbox, Box, OneDrive—which are also known as hosted, off premise solutions.
These services have become widely popular within the consumer market. The explosive growth of the mobile device industry over the past three years has been the main driver for the cloud storage market. Consumers were in search of a way to easily share and access files, pictures and video content across all their devices whether it be a laptop, desktop or smart device. They wanted their content readily accessible and east to access. Companies like Dropbox and Box were the early pioneers of this cloud storage niche that has now become a battleground for the big players such as Google and Microsoft. The competition of this market has benefited the consumer with cost-effective pricing and almost limitless storage. Microsoft includes 1TB of OneDrive storage with the office 365 subscription and Dropbox cost /year for 1TB.
Consumers, now equipped with a DropBox or similar service for personal data, demand the ability to access corporate data on their smart devices or mobile workspace in a similar manner. Initially, this leads to people using their personal accounts to store and share work related documents. With this, a variety of issues surfaced when using this approach; from security to compliance the list runs long. In order to remedy these issues, corporations began buying enterprise accounts from cloud storage providers where a higher degree of security is offered, and access control to data and improved logging addressed some compliance issues.
Service Level Agreement Omission
Though these services are scrambling to entice the enterprise market, there are still many apprehensions I have that prohibit me from recommending these services for corporate data. First and foremost, the omission of a Service Level Agreement (SLA) guaranteeing the availability of data is a concern. Most IT organizations build resilient networks with three, four or five 9’s of uptime. This equates to a high degree of availability for your corporate data. As a corporate user, you expect (or require) the same level of service for your cloud storage, yet most of these providers only commit to “provide the service as is“, “with all faults” and “as available” while providing no warranty that the service will be uninterrupted, free of harmful components or that the content will be secure or not lost or damaged. These terms and conditions significantly minimize the provider’s responsibility to ensure data is accessible, safe, error-free and uninterrupted. On the flip side, it’s hard to believe a company would accept this type of disclaimer from an internal IT department.
Most IT departments schedule routine maintenance windows to patch and upgrade systems when usage is low. These windows typically occur on the weekend or late at night to minimize disruption. Cloud storage providers reserve the right, at their sole discretion, to make necessary unscheduled deployments of changes, updates or enhancements to the Service at any time. In essence, upgrading their systems whenever they desire.
Also worth considering, is the fact that these services can terminate any account, locking users out of data at any given time with or without cause based on their sole discretion and charge an additional fee to retrieve the data once this occurs.
While the off-premise service providers’ capabilities may fit the needs of consumers, the risk potential when it comes to data loss and security can significantly inhibit satisfaction and productivity for corporate users. To shield your organization from these threats, I suggest leveraging the providers that allow on-premise implementations of their software. By doing so, companies can take advantage of the ease of use and accessibility these applications offer, while enjoying the peace of mind that comes with a higher degree of security, compliance, availability and accessibility of an incredibly valuable asset: their data.
By Marc Malizia