Cloud Service Risk Management Paper

Support issues

The quality of professional support can affect the availability and smooth functioning of the application. The cloud provider’s help desk is a risk factor outside the client’s control, so this risk is difficult to manage effectively. This is especially the case with non-private cloud solutions: when a client chooses a non-private cloud solution, support is likely to come from a shared resource. For a private cloud application, support comes either from the internal IT team or from a combination of internal and external resources. This type of support is especially important when the system is complex and mission critical and the data is sensitive.

Cloud outages can come from various components, such as:

  • Risk from natural disaster
  • Hacking
  • Poor infrastructure maintenance
  • Lack of planning at the facility
  • Employee turnover
  • Use of subcontracted resources with less control
  • Communication skills
  • Cultural differences
  • Law enforcement and site closure

When an organization relies solely on the cloud provider’s help desk, the help desk is a single point of failure and the client is therefore at higher risk. The organization should have in-house standby support, as it would be necessary if the business needs to take recourse against the application provider. The client could take a proactive measure by requesting information on support history and having an SLA that guarantees an acceptable performance level. The client may also want to explore insurance to cover the loss of business from an extended outage.

As a good practice, even if the client has outsourced entire applications to the cloud, it should consider having a third-party oversight firm review the risk factors and test the mitigation strategy.

Data restore and recoverability

For an SMB, lack of application availability and failure to recover data can cause irreparable damage to the business. In most cases, an SMB does not have the right expertise to examine the risk factors and therefore cannot see them ahead of time. The client requires expertise in migrating data to the cloud, data conversion and getting the data back for testing.

Risk mitigation

The client should check with the cloud provider on access to backup files for test restore and recoverability at the client’s premises or at a third-party site. This practice helps validate the soundness of the backup process. If the provider has not shared the disaster recovery results, chances are that the client’s business will be affected when there is an outage. An SMB should therefore consider access to backup files and work with third-party technical support to review the cloud strategy and test the restore and recovery plan. Maintaining a periodic backup at a different location is a prudent decision, as it would help in the event the provider goes offline for reasons outside the client’s control.

Terms and conditions

Terms and conditions in an agreement are vital to protect business interests when running a business application on the cloud.

Here are some of the key areas the agreement should cover:

  • Contract termination and transfer of data
  • Infrastructure availability and performance
  • Data protection
  • Definition of colocation hosting centers
  • Intellectual property protection
  • Law enforcement and lockdown
  • Certified and licensed platform
  • Third-party access to data
  • Indemnity
  • Right to information

Data Integrity

Data integrity is a concern when application data is managed externally in a public cloud. The client may not receive communications from the provider on changes in security, servers, storage, databases, network or human resources unless they cause an outage. Providers often resist informing customers of a security breach, as it would affect confidence in, and the integrity of, the business.

For further assistance, contact us at info@agniinfo.com

© Copyright 2024 Agni Information Systems (P) Ltd.
