Consequences Of Combining Off Premise Storage and Corporate Data

Off Premise Corporate Data Storage

Cloud storage is a broad term. It can encompass anything from on premise solutions, to file storage, disaster recovery and off premise options. To narrow the scope, I’ve dedicated the focus of today’s discussion to the more popular cloud storage services—such as Dropbox, Box, OneDrive—which are also known as hosted, off premise solutions.

These services have become widely popular within the consumer market. The explosive growth of the mobile device industry over the past three years has been the main driver for the cloud storage market. Consumers were in search of a way to easily share and access files, pictures and video content across all their devices whether it be a laptop, desktop or smart device. They wanted their content readily accessible and east to access. Companies like Dropbox and Box were the early pioneers of this cloud storage niche that has now become a battleground for the big players such as Google and Microsoft. The competition of this market has benefited the consumer with cost-effective pricing and almost limitless storage. Microsoft includes 1TB of OneDrive storage with the office 365 subscription and Dropbox cost /year for 1TB.

Consumers, now equipped with a DropBox or similar service for personal data, demand the ability to access corporate data on their smart devices or mobile workspace in a similar manner. Initially, this leads to people using their personal accounts to store and share work related documents. With this, a variety of issues surfaced when using this approach; from security to compliance the list runs long. In order to remedy these issues, corporations began buying enterprise accounts from cloud storage providers where a higher degree of security is offered, and access control to data and improved logging addressed some compliance issues.

Service Level Agreement Omission

SLA

Though these services are scrambling to entice the enterprise market, there are still many apprehensions I have that prohibit me from recommending these services for corporate data. First and foremost, the omission of a Service Level Agreement (SLA) guaranteeing the availability of data is a concern. Most IT organizations build resilient networks with three, four or five 9’s of uptime. This equates to a high degree of availability for your corporate data. As a corporate user, you expect (or require) the same level of service for your cloud storage, yet most of these providers only commit to “provide the service as is“, “with all faults” and “as available” while providing no warranty that the service will be uninterrupted, free of harmful components or that the content will be secure or not lost or damaged. These terms and conditions significantly minimize the provider’s responsibility to ensure data is accessible, safe, error-free and uninterrupted. On the flip side, it’s hard to believe a company would accept this type of disclaimer from an internal IT department.

Maintenance Scheduling

Most IT departments schedule routine maintenance windows to patch and upgrade systems when usage is low. These windows typically occur on the weekend or late at night to minimize disruption. Cloud storage providers reserve the right, at their sole discretion, to make necessary unscheduled deployments of changes, updates or enhancements to the Service at any time.  In essence, upgrading their systems whenever they desire.

Also worth considering, is the fact that these services can terminate any account, locking users out of data at any given time with or without cause based on their sole discretion and charge an additional fee to retrieve the data once this occurs.

While the off-premise service providers’ capabilities may fit the needs of consumers, the risk potential when it comes to data loss and security can significantly inhibit satisfaction and productivity for corporate users. To shield your organization from these threats, I suggest leveraging the providers that allow on-premise implementations of their software. By doing so, companies can take advantage of the ease of use and accessibility these applications offer, while enjoying the peace of mind that comes with a higher degree of security, compliance, availability and accessibility of an incredibly valuable asset: their data.

By Marc Malizia

Bitcoin electricity
Bitcoin Heating? Bitcoin mining or cryptocurrency mining has been widely vilified for it’s environmental impact. Why it does draw a huge amount of energy, more and more of it is coming from renewable sources and ...
Drew Firment
Here’s How to Make Sure Your Skills are Cloud Ready This year will be a period of meteoric growth for the cloud industry. Research from Gartner suggests that global spending on public cloud services in ...
Threat Security
Azure Red Hat OpenShift: What You Should Know What Is Azure Red Hat OpenShift? Red Hat OpenShift provides a Kubernetes platform for enterprises. Azure Red Hat OpenShift permits you to deploy fully-managed OpenShift clusters in ...
JK Chelladurai
Usage-Based Pricing We are now in an era where many businesses are flipping their business model and shifting from subscription-based pricing to usage-based models, to better cater to the modern ‘pay-as-you-consume’ buyer. So what exactly ...
David Loo
The Long-term Costs of Data Debt It’s no secret that many of today’s enterprises are experiencing an extreme state of data overload. With the rapid adoption of new technologies to accommodate pandemic-induced shifts like remote ...

SECURITY TRAINING

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.

  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.