Cisco Blogs

Cloud and Managed Services: Are They Trustworthy?

August 16, 2011 - 0 Comments

Guest Post by Contributing Author Ken Presti

By now, every business leader from every industry serving every walk of life has been pinged by sales people pitching managed services and cloud services. And that’s the way it should be, because both of these are appropriate and highly effective business models under the right circumstances.

In both cases, applications and/or data reside on servers other than your own, and your team accesses those applications and files as though they actually were your own. The net result is the ability to have somebody else take care of your information technology, and to be able to scale-up and scale-down your compute power commensurate with your needs of the moment. Proponents of these two models promise – and in many cases, deliver – substantial cost savings over the traditional model, which is based on the purchase and maintenance of your company’s own hardware and software. This involves not only the purchase and upkeep of the products themselves, but also the salaries and benefits of the related staff, the cost electricity to run the machines, air conditioning to cool them, etc.

In a world full of good and virtuous people, cloud and managed services would be something of a no-brainer. After all, why spend all that money maintaining people and systems, if you don’t have to do that?

But the truth is that the world is not full of good and virtuous people. Like for example —- no, wait! I suppose I shouldn’t name names, should I?

The point is that security is the great equalizer to the economic benefits of cloud and managed services. I’m not saying that effective security cannot be engaged. But I am saying that it’s a complex moving target, just like security is everywhere else in the information technology arena. The difference is that the worldwide access inherent to these models means the opportunity to hack is arguably more pervasive than it might be, using the (dare I call it) “old school” model.

This might make it easy to come to the conclusion that, “I don’t want my stuff sitting on somebody’s server somewhere.” But guess what. Many of the things you hold most private are already sitting on somebody’s server somewhere. Thus, you might feel it is more secure to pay your credit card statement by writing a check, instead of transmitting your account numbers online. But that doesn’t mean your credit company won’t get hacked and inadvertently expose everything they know about you.

So while the security issue is not necessarily a show-stopper, you’ll definitely want to ask plenty of questions about how security is handled by your prospective cloud or managed services provider. And a little bit of research can go a long way towards helping to validate their claims.

The good news is that you don’t have to choose between complete adoption or complete avoidance. It’s entirely possible to sample cloud services and managed services on an a la carte basis, initially exposing only the parts of your business that may be private, but are not necessarily the crown jewels. As time goes on, you’ll get a sense for how well the strategy is working, while at the same time becoming more knowledgeable about how to get the best that cloud and managed services have to offer.

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.