There is no straight forward answer to this question. Whether cloud computing is right solution for you depends on various factors:
- Total Cost of Ownership (TCO): Since cost savings is one of the most important decision factors for opting for Cloud solution, it needs to be assessed what impact it would have on the TCO. A thorough TCO analysis needs to be done. It has been observed that the actual value (value realized after adopting Cloud) vs. Perceived value (expected value perceived before adopting Cloud) is quite marginal for some organizations if other non-tangible factors are considered (e.g. data security, implementation ease, support availability, Quality of Service, etc.).
- Data Security: Data security is still one of the top fear factors for enterprises. There have been ample evidences of breach of data security in recent years. The high profile Sony hack is now famous in the industry. In 2014, JP Morgan Chase saw 80 million records breached for use of identity theft. In the same year, Apple iCloud was a victim of hacking of major celebrity accounts, leading to the release of private photos and videos to public domain. If your business involves dealing with mission critical accounts and sensitive confidential customer information, conduct proper risk assessment and evaluation of cloud service provider. Perform proper and regular risk assessments to identify where the cloud service provider stores and transmits valuable data. In such cases, opting for private cloud could be a better option than public cloud.
- Compliance and Governance: Cloud computing gets increasingly complex (for both Cloud service providers and consumers) when it comes to legal, regulatory and compliance issues. There are a host of regulations to deal with. There are government regulations such as Sarbanes-Oxley and European Union Data Protection Act, and industry regulations such as PCI DSS for payment cards, and HIPAA for healthcare. Additionally there are geo-specific regulations such as country and state laws to deal with. Therefore before embarking on a Cloud solution (for service consumers), evaluate how creating and implementing measures to comply with the regulations is going to add to the existing workload. Check with your service providers where Cloud data centres are located; and ascertain whether the regulations permit storing data outside the country. For example, the EU Data Protection Act mandates keeping personal information within the European Union. If an organization is storing health-related information regardless of which industry it belongs to, then it is subjected to HIPAA. Hence work closely with your cloud service provider to identify all legal and regulatory requirements, and the steps to meet these regulations. Even if you are dealing with a third-party provider, subject them to the same contractual clauses as you would do for your primary supplier. After all, non-compliance could be costly. The Payment Card Industry (PCI) can impose fines of up to $100,000 per month for violations to its compliance.
- Ease of Integration: Determine how easy it is to integrate the cloud solution to your existing IT landscape. Check for interoperability with your corporate applications, custom applications, in-house developed solutions, and non-standard interfaces.
- Service Level Agreements (SLA): A carefully-crafted SLA is paramount to receiving the right Quality of Service (QoS). Not that by adopting cloud services, you are giving up control of your ability to manage availability, performance, maintainability, and timely support as you would have with your in-house infrastructure. Therefore negotiate the process, control mechanisms, and SLAs tightly with your service provider to guarantee consistent QoS.