Before You Go Cloud: 5 Important Legal Points
You know you want to make the switch from traditional hosting to cloud hosting for your business. It's a big switch, but often, the right choice. Just as you did when you started your business, you need to be careful: the security of your data, and sometimes that of your customers, is depending on you.
You need to be sure you're making the right move at the right time, and that the provider you choose gives you an experience that suits the needs of your company. Most importantly, ensure that provider's contract meets regulatory and privacy guidelines and restrictions in your industry.
Before You Go Cloud: 5 Important Legal Points
1. Is Cloud Computing Covered By Your Insurance?
When you are thinking about choosing cloud computing, you need to read the fine print of your insurance policy first. Look for the policies that spell out your company's networks and computers. Will a loss due to cloud computing be covered? At the same time, look over the clauses in the provider's contract. Does it include indemnification clauses regarding service outages or data breaches? If the answer to both is no, you have no recourse in the event of a data loss. At least if it is in the provider's contract, you have some form of protection.
If it isn't in the provider's contract, ask that clauses regarding outages and security breaches be added. If it isn't in your insurance policy, maybe now is the time to pick up an insurance plan that addresses the needs of the cloud.
2. What Does the Long Term Look LIke?
Before you sign any contract, you need to look at the vendor itself. How viable are they? What will happen to your business if that vendor merges or outsources? Another issue: can your IT team handle cloud computing? What about the rest of your staff? Guidelines spelling out best practices must be drafted.
3. Is Your Data Really Secure?
No matter how strong your contracts and insurance policies are, data and security breaches can still occur. You need to take a look at how a data breach will impact your operations and any external vendors or partnerships based on the security plan laid out by the service provider. Assure you own the rights to your data (yes, this can be an issue with some providers) and find out what happens to your data if you decide to go elsewhere.
4. Is Compatibility In Place?
This is often not high on the list of considerations, but it should be! What if your facility relies on Windows products, and suddenly you want to switch over to Apple, or you add iPads in? Will the data the cloud provider you choose be compatible across many platforms? If you plan on sticking to one platform and device, great. But if you want to plan for the future, which is always unknown in the tech world, compatibility is key.
5. Is The Cloud Provider Compliant?
Federal regulations are a huge consideration, mainly because they can put the security of your data at risk. Despite data being removed from the cloud, copies might still exist that can be provided to authorities and you'll never know. You also need to be sure the provider is taking your companies regulatory and legal requirements into consideration due to the nature of sensitive data. Look for their compliance, industry-specific, with standards such as the Statement on Auditing Standards No. 70 (SAS70) or HIPAA.
NOTE : The contents of this article are not to be taken as legal advice.
Photo courtesy of StockMonkeys dot com via Flickr Creative Commons
