An estimated $1 trillion in IT spending is expected to shift to the cloud over the next five years, making it one of the most disruptive forces in IT history.
Organizations of all sizes and types are integrating the cloud into every aspect of their operations, from simple cloud storage and backup to more intensive platform-as-a-service and even identity-as-a-service integrations.
Before we trust any cloud vendors with sensitive company information, we evaluate them by completing a cloud vendor scorecard.
That scorecard focuses on four critical factors outlined below:
#1 – DATA SECURITY
It’s no surprise that the first factor is security, of course. Most cloud engagements require the sharing of highly-sensitive employee, customer and company data, and you don’t want your cloud partner to become the weak link in your company’s security perimeter.
At a minimum, you’ll want to know:
- Where exactly your data will be stored.
- How secure that facility is, both digitally and physically.
- What encryption methods the vendor relies on, both when the data is at rest and when it’s in flight.
- Whether your data will be housed in a single tenant or a multi-tenant configuration.
Avnet only supports single tenant arrangements for greater data integrity, but your own requirements may vary depending on the sensitivity of the data being stored.
#2 – ABILITY TO CHANGE & INTEGRATE
The second critical factor is a partner’s responsiveness to change. Cloud integration is evolving rapidly, and the needs of your business will likely change within 12 to 18 months.
The cloud vendor you choose also has to be able to respond to your changing needs, or they won’t be able to keep pace with the demands of your business.
To make sure this doesn’t happen, ask the following:
- In the event more or less services are needed in the future, how would that change be handled?
- How would requests be addressed for extra functionality or additional services beyond the current agreement?
- What are the vendor’s cloud-to-cloud integration capabilities? How would those integration requests be handled?
#3 – LIABILITY & INDEMNIFICATION
An essential part of any cloud vendor evaluation is identifying what happens in the event of service data loss. That included determining both liability (what is exposed) and indemnification (who pays).
This aspect of the cloud vendor evaluation and negotiation is absolutely essential, and includes a number of different factors, including:
Service outage
- What is the vendor’s service level commitment and what happens if there is a service outage?
- Will you be financially compensated for the lack of service?
- What are your rights to terminate for cause if there are sustained service delivery problems?
Loss of data
- What happens if your data is lost, stolen or placed at risk?
- Who is liable for any costs or business loss you may incur due to failure to support or protect your company data?
- In the event the vendor fails to maintain integration with other cloud vendors in a cloud-to-cloud integration, how will the vendor responsible resolve the situation?
Ceasing operations
- In the event the business relationship ends, how will your company data be returned to you?
- What help with the vendor provide to help with transitioning or ending the service?
- What recourse do you have if the vendor won’t co-operate with you on service transition?
#4 – VENDOR VIABILITY
The fourth factor is the long-term viability of the vendor. Chances are you’ll need this vendor to be around for some time, and the cloud marketplace is highly volatile.
[to continue, click HERE]
