Despite several barriers to entry and risks involved, cloud computing is gaining traction, as it offers numerous potential benefits to organisations of all sizes. However, while the benefits of cloud computing may outweigh the risks, this does not mean that the risks can simply be ignored. In order to leverage the benefits of the cloud without falling foul of regulations and compliance legislation, it is vital to firstly implement sound data governance and effective data management processes.
One of the most attractive benefits of the cloud model is its ability to lower initial implementation costs. Accessing new technologies therefore becomes an operational expense as opposed to a large capital expense, and internal IT costs can be dramatically lowered. The cloud also offers greater scalability and flexibility, reduced time to deploy new applications and services, and can help organisations to standardise services and technologies.
For the Small Medium Enterprise (SME) market, the cloud offers access to technologies that were previously unavailable and unaffordable due to high purchasing cost. This model also has the potential to offer a ‘try before you buy’ approach that ensures solutions are fit for purpose before they are adopted wholesale into an organisation. This then improves user adoption rates, which potentially improves performance of the organisation. In terms of data management, cloud solutions also ensure automatic data backups, which support compliance and redundancy objectives.
However, these potential benefits are balanced by a number of barriers and risks that have prevented the adoption of cloud solutions in many instances. The first of these is concern over data security and privacy. Many organisations are understandably reluctant to allow their data and applications to be physically held outside of their immediate control. Added to this, moving personal and confidential information into the cloud may increase the risk of misuse or security breaches. There is much debate however over whether or not hosted services are any less secure than in-house services, to which different conclusions may be reached depending on the nature of the organisation itself.
Secondly, legal and regulatory restrictions prevent certain data and applications from being able to be held in the cloud. Data protection laws and industry specific regulations often restrict where data can physically be held, and since cloud hosting is virtual it can be very difficult to track and verify where the data is being physically held. This leads to the problem of who is held responsible if the data is misused: the owner of the data or the hosting company.
There are also commercial and operational factors to bear in mind, including the argument that higher operational costs will negate any capital expenditure savings. The cloud is an immature and volatile market, so selecting a reliable long-term provider can pose a challenge. Cloud and hosted services have the potential to create commercial and technical dependency on the supplier, and if the supplier experiences downtime then the company itself will lose services and productivity. In the South African market, variable broadband speeds are also problematic, as unstable connectivity can affect access to services.
Finally, cloud computing presents certain application and data integration challenges that need to be dealt with. Public cloud customers need to be able to integrate existing IT services, applications and solutions with new cloud services, however many potential cloud customers do not have sufficiently virtualised in-house applications to make this integration possible. This may encourage greater fragmentation of applications.
Cloud computing also introduces new data management challenges that must be addressed. Many traditional data management applications are becoming increasingly cloud-based, including business intelligence, analytics, Extract Transform Load (ETL) and data quality. However this in itself presents new challenges around data security, legal and regulatory adherence and data governance. Moving to the cloud requires a sound supporting data management strategy.
The first step is to prepare data for migration. This involves scoping and scaling the data to be migrated, evaluating its suitability for integration with other data sources, and undertaking source data rationalisation and cleansing. Once this is done, data can be migrated to the cloud environment. It must however be profiled in advance of data migration and enhanced in preparation for the migration, to ensure that data quality is maintained during the ETL process. Once data is in the cloud, it must be managed adequately.
This involves enforcing business rules that are to be applied in the cloud environment, auditing data to ensure security, adherence and quality, and supporting data governance activities.
The bottom line is that the cloud has arrived, it is here to stay, and it will only continue to grow. For SMEs the cloud will become the norm, and for larger organisations a hybrid model of internally and externally sourced services will likely provide the best mix of benefits and risk management. However, effective data management is key in ensuring cloud success. Pursuing a cloud strategy without first having a data governance strategy in place could wreak havoc on any enterprise in an era in which data is currency.
Gary Allemann, MD at Master Data Management