Skip to main content
close search
site logo
Wayne Spivak's headshot
Wayne Spivak President & CFO

Why did your company decide for or against moving to the cloud?

Asked on Aug. 20, 2014

If you did, what were the main drivers for the move? If you’re still thinking about it, what does the decision hinge on?

Answers

Anonymous's headshot
Anonymous Manager • August 19, 2014

Our company is still in the decision phase.

I'm personally, kind of dubious of the whole cloud, cloud, cloud push and I think our senior management are as well. I understand that one wouldn't be maintaining servers, but then there's the security risk, transition/integration/training cost, and the rest.

I'd be curious to hear more from someone who has been there and done that to see how it actually worked out for their organization.

Not to sound like a Luddite, but it kind of reminds me of a comparison I read about some years ago where they compared a paid-for 1987 Mazda GLC to a new Prius for cost and environmental impact. It turns out that the already-paid-for Mazda GLC with pretty good gas mileage was both a cost and environment winner.

comment-icon 1
Sarah Jackson's headshot
Sarah Jackson Associate Editor • August 19, 2014

Anonymous, I agree with you that following the herd may not be the way to go.

You may want to check out this Thursday webinar here on Proformative:

"Three Steps to Building the Case for Moving to the Cloud"
https://www.proformative.com/events/three-steps-building-case-moving-cloud

I think a system to analyze ROI could be a real plus.

Best... Sarah

Anonymous's headshot
Anonymous Internal Auditor Lead • August 20, 2014

For some segments, I believe that moving to the cloud posses an unacceptable risk. Government agencies should maintain the custody of the records of citizens and not transfer the responsibility to the purveyors of cloud services which may have servers located in diverse and sometimes undisclosed countries. With the geopolitical climate and the increase in security breaches, this maybe a Pandora’s Box.

Bill Chorba's headshot
Bill Chorba CFO • August 20, 2014

We did it for several reasons:

1. We are a global organization, yet somewhat small, so we needed easy, secure access to our systems and data from any location worldwide in a cost-effective manner.
2. Or core business is not data security and system business continuity/disaster recovery, so we wanted to place our systems with the blue chip companies whose business models depended on security, system integrity and access.
3. We prefer the systemic, steady license costs over the "lumpy," less predictable spending needs for IT infrastructure that is owned and managed.
4. The cost savings of reducing our IT staff validated the licensing costs of the systems we use in the cloud (Office 365, Salesforce, Liferay, Solium and Quickbooks).

No blanket rules exist for why a company should or should not go to the cloud. We just know it works for us.

comment-icon 1
Denise Loter-Koch's headshot
Denise Loter-Koch President/CEO • August 20, 2014

I agree with the notion that there are no rules that can be applied when it comes to the cloud. Each business needs to analyze their needs and wants to see if cloud services or technology can be integrated into their strategy.

The experience my firm has had sounds similar to yours...in that we enjoy the reduced IT costs, ability to access data remotely, and predictable/scalable costs involved. The only thing on your list that I would want to expand on is security. A lot of people seem concerned with how secure the cloud is, and I think that has a lot to do with the potential for hackers or viruses. What they are not considering is other data risks. Having all your data stored on one server in your office isn't secure. Having your employees store data on laptops that they use remotely isn't secure. And like you, my business doesn't have extensive on-site IT staff. So as you said, placing your trust in service providers that excel in areas of data security or disaster recovery makes sense.

Dabney Wellford's headshot
Dabney Wellford CFO • August 20, 2014

I came into an implementation of Netsuite at my last company. While the points of reduced 'local' infrastructure are valid, I never got full assurance of the replication of the data or the overall security. I once heard an IT professional say that "I have not heard of anyone having problems, so it must be OK." (I would have fired him.) I agree with most of the comments above, I would steer clear of the low cost solutions, as they are all about providing a low cost solution, not providing security.

I wish that I could say that the AICPA provides great guidance in getting a solid compliance report that has teeth, but that does not exist. Best thing to do is to go in with "eyes wide open".

Mark Matheny's headshot
Mark Matheny VP - FInancial Planning and Analysis • August 20, 2014

Holding at this point. Want to get more comfortable with security and access before moving mission critical processes to "cloud." Get more comfortable everyday, but not there yet.

Theodore Omtzigt's headshot
Theodore Omtzigt CEO • August 20, 2014

The 'cloud' as a solution to deliver information technology solutions is more akin to a banking analogy. All modern businesses need IT for a web presence, AR/AP, collaboration, communication, etc. One big problem is to deliver a good and improving customer experience as folks have grown comfortable with Google and Amazon, and to keep all the digital bits secure.

The banking analogy is this: you could manage your own cash, but generating value and keeping that cash secure is difficult, expensive, and dangerous. A bank can do a much better job because of the power of amortization and business purpose the bank can spend more money, time, and focus on these issues of value creation and security. Similarly, the cloud ecosystem and the SaaS vendors that offer solutions to web presence, AR, AP, ERP, CRM, etc. they will be collectively much stronger and more secure than your business would be able to do it for itself.

Because the underlying economics and the increased complexity to deliver global IT services, the cloud and SaaS are going to consume traditional IT. The SMB segment will most likely go completely cloud and SaaS and use managed services for internal networks and devices. The enterprise will always have a need for a local IT service but it will be managed and operated like a cloud.

There are concerns with respect to accountability and security, and the appropriate response to these issues is the same as we would have with respect to our money. You fundamentally give away control when you 'outsource' the keeping of something. If I place money at JP Morgan or Bank of America, I have no control over that fact that they may use it to launder drug money. So, you need to maintain the ability to move and hedge your financial services. So is the case with IT and cloud services. Ultimately, the business is responsible for data loss and data leaks, and there are well established solutions to these problems that business actually should already have implemented in their own internal processes, the cloud just makes it more important. The test is very simple: all bits at rest need to be encrypted typically using an asymmetric cipher that the company owns, and all bits in motion need to be encrypted with a symmetric cipher. And all modifications of the ciphers need to sit behind an approval process and need to be tracked for forensic and repudiation tests.

Want to join the conversation? Submit an answer or ask a question by emailing us at [email protected]

Submit an answer
Filed Under: Technology
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell