Four reasons CISOs and CTOs are afraid of the cloud

Is it time to set aside fears of loss of control and security and reasses your faith in the flexibility and strength of on-premise solutions?


For years, IT departments have had full control over their own infrastructure (for better and worse) and are naturally uncomfortable with anything that prevents them from being the sole resource for their own infrastructure.

They have been trained to maintain tight control because of the complexity of their own environment—a positive trait that has helped to assure timely and accurate delivery—but also limits their ability to accept change.

It should also come as no surprise, then, that IT often views data leaving its network as a negative rather than a positive.

However, Software as a Service’s (SaaS) cost-savings and ability to help companies foster innovation within their own infrastructure is too strong a value proposition for most enterprises to ignore.

Although management may be pushing cloud initiatives on their reticent IT staff, many CISOs and CTOs are wary of the hype and have nagging fears around the loss of infrastructure control, loss of ownership of data, vendor lock-in and data security.

These fears are largely rooted in false perceptions around loss of control and security—and in false beliefs in the flexibility and strength of on-premise solutions. The key to easing these potential pitfalls is to thoroughly evaluate your SaaS partner.

Like any other industry that achieved popularity quickly, there are many companies that are slapping “Cloud Computing” stickers on their products and positioning them as brand new. Enterprises need to delve into the details of their partners’ operations, software and license agreements to ensure they are aligning themselves with a company taking advantage of modern technology and protocols so none of their fears come to pass.

Fear #1 – Loss of Infrastructure Control

This is a problem perpetuated by managed service providers during the 1990s, when businesses would move from on-premise solutions to managed services. Back then, some managed service providers could not provide an environment in which they could deliver timely or reactive support or functionality, thus frustrating the end users.

The sophistication of technology today has allowed the industry to move away from this unwanted scenario and provide the best of both worlds: the administrator retains the granularity and control that is provided by an on-premise solution while still getting timely support.

With that being said, however, all vendor infrastructure is not equal. Enterprises should fully understand the infrastructure of a vendor’s SaaS-based solution and ensure there are no single points of failure, such as those found in the recent T-Mobile data fiasco.

A key attribute enterprises can look for in cloud partners is whether or not they use a grid computing system and, if so, how they define grid computing. Grid computing is a proven method to achieving 99.999% reliability because these networks are able to shift data burdens – rather than creating single points of failure – to alternate locations or across shared multiple locations should an outage or corruption occur. Instead of causing an informational bottleneck, data is simply accessed from another part of the grid until the problem is fixed.

Rich SaaS implementations are every bit as powerful as on-premise solutions and allow the administrator to maintain control of the application without dealing with the environmental requirements.

Fear #2 – Loss of Ownership of Data

This ties into the first fear because it deals with IT being uncomfortable with data that is not on their own infrastructure.

This fear is a valid concern as data is generally processed or held offsite by cloud vendors; however, on-premise providers often lock customers into solutions by making any migration or upgrade path both cost-prohibitive and technically undoable.

Enterprises need to ensure that data ownership is addressed in detail in the cloud licensing agreement or terms and conditions. Reputable SaaS vendors will ensure that companies always own their data, and it is not provided to anyone else or used for the benefit of the service provider, and are able to easily access their information whenever they need it and get it back, however large the volume, should the partnership not work out.

Systems based on modern technology provide enterprises with a robust administration console that allows you to set all data policies, review access information, control data users and freely interact with data. If a SaaS company cannot guarantee these types of capabilities, enterprises should be wary of partnering with them.

Also, enterprises should research the company’s partners, press clippings and case studies to get an idea of what industries their solutions are best suited and how they work with clients.

"Recommended For You"

Hey Cloud - that's mine, now give it back Best practices for scaling up SaaS