Some IT execs dismiss public cloud services as being too insecure to trust with critical or sensitive application workloads and data. But not Doug Menefee, CIO of Schumacher Group, an emergency management firm.
"Of course there's risk associated with using cloud services – there's risk associated with everything you do, whether you're walking down the street or deploying an email solution out there. You have to weigh business benefits against those risks," he says.
Menefee practices what he preaches. Today 85% of Schumacher Group's business processes live inside the public cloud, he says.
The company uses cloud services from providers such as Eloqua, for email marketing, Google Apps for email and calendaring, Salesforce.com, for CRM software, Skillsoft, for learning management systems and Workday, for human resources management software. "The list continues to go on for us," he says.
Yet Menefee says he doesn't consider himself a cloud advocate. Rather, he says he's simply open to the idea of cloud services and willing to do the cost benefit and risk analysis.
To be sure, the heavy reliance on cloud services hasn't come without a security rethink, Menefee says. For one, the company needed to revamp its identity management processes. "We needed to think about how to navigate identity management and security between one application and another living out in the cloud," he says.