Microsoft’s assistant general counsel gives his verdict on moving the cloud

Enterprises looking for a cloud provider face an embarrassment of riches as there are so many options to choose from. So how do they decide? The short answer is that they shouldn’t start with technology.

“It’s become a very crowded cloud provider market,” said Microsoft’s assistant general counsel Dennis Garcia in a recent web cast. “The cloud technologies have become increasingly mature, and companies are realizing there are lots of business advantages to moving to the cloud.” Advantages include cost savings, improved collaboration and increased productivity, he said. “You can even be more secure, assuming you are working with a trusted cloud provider.”

Garcia sees cloud providers falling into one of four categories: traditional IT providers, such as Microsoft, Oracle and IBM; companies that describe themselves as being born in the cloud, such as Google and Amazon; smaller providers that haven’t been in the marketplace too long, such as Dropbox and Box; and, finally, there are those that weren’t traditionally in the IT business but have shifted, such as telephony companies like AT&T.

One of the challenges facing enterprises as they try to select a provider is understanding how to find a trusted one, said Garcia, which is complicated by the fact there is no single set of laws government cloud computing. For example, “there’s now singular data privacy law out there,” he said. “This whole area is changing and evolving as we speak.”

Garcia frequently tells customers the regulatory landscape for cloud computing is in fact cloudy. He said Microsoft is trying to be proactive in encouraging governments to enact laws to deal with the modern-day cloud computing world. One promising new piece of legislation in front of U.S. Congress is the Law Enforcement Access to Data Stored Abroad Act. “This is a great step in the right direction to clarify the rules.”

If an enterprise has made a business decision to move to the cloud, said Garcia, its key goal should be to work with a trusted provider. “You need to spend a fair amount of time conducting a thorough investigation of a potential cloud provider.” Organizations should identify a team of professionals within the company to do that work, he said.

There are four key stakeholders that should be involved, including the in-house legal team, a data-privacy law expert, someone focused on information security, and a representative from your risk management and compliance team. “You want to get these folks involved early and often,” said Garcia. “Don’t wait until you’ve actually signed the contract.”

These people should be the ones to do the due diligence, he said, and recommends following a framework that addresses four key considerations. The first is working with a cloud provider that has truly transparent business practices. Second is how the provider protects data. Third, enterprises should work with a provider that is really focused on compliance and can provide a pathway to help you be compliant. The last is control, said Garcia. “You want to work with a cloud provider that is going to enable you to continue to own, control and get access to your data even though it’s in your cloud environment.”

 

 

 

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Gary Hilson
Gary Hilson
Gary Hilson is a Toronto-based freelance writer who has written thousands of words for print and pixel in publications across North America. His areas of interest and expertise include software, enterprise and networking technology, memory systems, green energy, sustainable transportation, and research and education. His articles have been published by EE Times, SolarEnergy.Net, Network Computing, InformationWeek, Computing Canada, Computer Dealer News, Toronto Business Times and the Ottawa Citizen, among others.

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now