Innovative software makes energy monitoring a breeze
Doug Miles, AIIM’s Head of Market intelligence, looks at the decision-making process for cloud deployment of document and content systems.
Cloud computing is not new. Web-based email, cloud web-development and a host of useful SaaS (software-as-a-service) applications have been available for over 10 years. Social applications used within and beyond the business are more than likely to be SaaS-based.
Everything is heading for the Cloud
What seems to be new is the growing realization that mainstream enterprise applications and core office applications are heading for the cloud with a degree of inevitability. The G-Cloud initiative is happening (albeit slowly), and decision makers are facing a choice of when to move core functions to the cloud rather than whether to move them. Included amongst those enterprise applications are document and records management systems and corporate collaboration suites, and these throw into sharp relief the issues of security and governance that can often be weighed off in other web applications in favour of cost-saving or flexibility.
Each organization needs to set its strategy based on that balance, and, most importantly, review the decision as they gain experience of cloud offerings, and as the services themselves grow and mature. In a recent AIIM survey, 41% of respondents consider cloud will become the de-facto deployment for general IT applications in their organization within 3 years - including document and content management applications - rising to 77% who see it happening within 6 to 8 years.
It should, of course, be realised that there is a broad spectrum of cloud services from local outsourcing to consumer-style apps, and often it is the latter that make the running in the perceptions of stability, security and compliance. However, business users and managers are often prepared to disregard these shortcomings if it helps get the job done more quickly and simply. Indeed, a reluctance on the part of IT, and in particular records and compliance managers, to provide official, cloud-based file-sharing and collaboration platforms has resulted in the wide-spread adoption of un-governed file-sharing applications, many of which can best be described as “consumer-grade” when it comes to security and rights management.
Consumer-Grade File Shares
In the AIIM survey, 30% of respondents are seeing increasing use of unofficial cloud content management services and file shares, and it is likely that many more are unaware of more covert use. Whilst 19% prevent access to non-approved sites, and 45% have policies limiting their use, only 5% have an “official” cloud-based alternative. The need to share content with project groups outside the firewall is given as the most likely reason users and managers are by-passing on-premise content management. They also like the convenience and simplicity, and the better mobile access. Unfortunately, managers frequently adopt “consumer-grade” services such as Dropbox, paid for on a company credit card – or worse still, used at the free level, which is likely to lack basic security and administration functions.
The answer for those charged with maintaining security and compliance is to provide a suitable alternative. Enterprise-grade cloud file-share and content management systems are likely to offer secure logins, partitioned security, version control and even content-based workflow. Some will also synchronise content selectively or completely between on-premise content systems and the cloud. This seems to be a popular approach to achieve the sharing and access of the cloud whilst reflecting the security and governance of the on-premise system.
Security and Location of Cloud Data
Much has been written, of course, about the issue of datacentre location for cloud services, and one of the objectives of the G-Cloud project is to overcome this objection. Many cloud service providers can also offer assurance of where the data is stored. Security and continuity is perhaps less easy to assess. In the AIIM survey only 4% of those using any SaaS or cloud services had suffered security, reliability or data loss incidents, and 37% do not see data in the cloud as any more vulnerable than on-premise, including 10% who feel it is safer.
Stairway to the Cloud
The AIIM survey report sets out the following recommendations:
A general and considered view on fundamental desirability within your model of business operations. Consider IT departmental costs, equipment depreciation models, consolidation of subsidiary sites, mobile and remote activities, office costs and data center costs.
If security is an issue, undertake a risk analysis and compare service level agreements. If connection bandwidth and reliability is an issue, monitor uptimes and capacity of existing links and consider upgrades to the next level.
Take a view for each major area of application. Consider potential operating benefits as well as cost benefits of the cloud against security, availability and integration implications.
Have a specific strategy view on content and records, e.g., cloud as the only copy, cloud for “published” copies, cloud replicated to on-premise, cloud for external collaboration, cloud for archive
If you have little experience or expertise in on-premise content management, beware of replicating the same “digital landfill” in the cloud. Take training and advice.
Be sure to include business users in your strategy-setting process
The AIIM Industry Watch report “Content in the Cloud – making the decision” is free to download at www.aiim.org/research
Since 1997 e3 have worked with many government agencies, departments and NGO’s including The Environment Agency, National Archives, Natural England, Civil Service Learning, English Heritage, Qualifications and Curriculum Authority, Dept. of Work and Pensions and the Border and Immigration Agency.