Consequences Of Combining Off Premise Storage and Corporate Data

Off Premise Corporate Data Storage

Cloud storage is a broad term. It can encompass anything from on premise solutions, to file storage, disaster recovery and off premise options. To narrow the scope, I’ve dedicated the focus of today’s discussion to the more popular cloud storage services—such as Dropbox, Box, OneDrive—which are also known as hosted, off premise solutions.

These services have become widely popular within the consumer market. The explosive growth of the mobile device industry over the past three years has been the main driver for the cloud storage market. Consumers were in search of a way to easily share and access files, pictures and video content across all their devices whether it be a laptop, desktop or smart device. They wanted their content readily accessible and east to access. Companies like Dropbox and Box were the early pioneers of this cloud storage niche that has now become a battleground for the big players such as Google and Microsoft. The competition of this market has benefited the consumer with cost-effective pricing and almost limitless storage. Microsoft includes 1TB of OneDrive storage with the office 365 subscription and Dropbox cost /year for 1TB.

Consumers, now equipped with a DropBox or similar service for personal data, demand the ability to access corporate data on their smart devices or mobile workspace in a similar manner. Initially, this leads to people using their personal accounts to store and share work related documents. With this, a variety of issues surfaced when using this approach; from security to compliance the list runs long. In order to remedy these issues, corporations began buying enterprise accounts from cloud storage providers where a higher degree of security is offered, and access control to data and improved logging addressed some compliance issues.

Service Level Agreement Omission

SLA

Though these services are scrambling to entice the enterprise market, there are still many apprehensions I have that prohibit me from recommending these services for corporate data. First and foremost, the omission of a Service Level Agreement (SLA) guaranteeing the availability of data is a concern. Most IT organizations build resilient networks with three, four or five 9’s of uptime. This equates to a high degree of availability for your corporate data. As a corporate user, you expect (or require) the same level of service for your cloud storage, yet most of these providers only commit to “provide the service as is“, “with all faults” and “as available” while providing no warranty that the service will be uninterrupted, free of harmful components or that the content will be secure or not lost or damaged. These terms and conditions significantly minimize the provider’s responsibility to ensure data is accessible, safe, error-free and uninterrupted. On the flip side, it’s hard to believe a company would accept this type of disclaimer from an internal IT department.

Maintenance Scheduling

Most IT departments schedule routine maintenance windows to patch and upgrade systems when usage is low. These windows typically occur on the weekend or late at night to minimize disruption. Cloud storage providers reserve the right, at their sole discretion, to make necessary unscheduled deployments of changes, updates or enhancements to the Service at any time.  In essence, upgrading their systems whenever they desire.

Also worth considering, is the fact that these services can terminate any account, locking users out of data at any given time with or without cause based on their sole discretion and charge an additional fee to retrieve the data once this occurs.

While the off-premise service providers’ capabilities may fit the needs of consumers, the risk potential when it comes to data loss and security can significantly inhibit satisfaction and productivity for corporate users. To shield your organization from these threats, I suggest leveraging the providers that allow on-premise implementations of their software. By doing so, companies can take advantage of the ease of use and accessibility these applications offer, while enjoying the peace of mind that comes with a higher degree of security, compliance, availability and accessibility of an incredibly valuable asset: their data.

By Marc Malizia

Viral Infection Wearabletech
Data Bed.png
Recovery Experts.png
Disaster Recovery Plan.png
Louis
Why Services CPQ Is Too Slow Today When PS organizations compete in sales cycles, the first competitor to have a complete quote with accurate pricing, schedules, and an engagement plan will often win. However, getting ...
Gary Bernstein
Managing Your Internal IT Your company's internal IT team is responsible for keeping things running smoothly, and they deserve all the support you can give them. Here are ten ways to make their lives easier ...
Damian Ng
3 Cloud Modernization Challenges There’s no denying that migrating to the cloud unlocks multiple benefits for organizations looking to modernize their IT infrastructure. However, the journey to truly unlock the benefits of the cloud and ...
Security Breach 10 Useful Cloud Security Tools
Cloud Security Tools Cloud providing vendors need to embed cloud security tools within their infrastructure. They should not emphasize keeping high uptime at the expense of security. Cloud computing has become a business solution for ...
Matrix
When sci-fi films like Tom Cruise’s Oblivion depict humans living in the clouds, we imagine that humanity might one day leave our primitive dwellings attached to the ground and ascend to floating castles in the ...
  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.