Risk Reductions – The Cloud Benefit We Don’t Talk About
Most cloud decisions that I have been a part of in the past, or help clients with today, are typically dominated by budget, security, functionality, and adoption considerations. While these are all extremely important, risk reductions outside the security space often go unrecognized. These other risk reductions are the unsung benefits of the cloud, and they don’t receive the attention they should– They are also compelling reasons to start making the shift.
I am sure there are plenty more examples than the ones I outline below, but these are the risks I have personally been able to help organizations avoid with cloud solutions.
Facility and Environmental Risks
These are the most obvious, but also the most common. Whether you are hosting your infrastructure yourself or at a colocation facility, these are all tough (and costly) to mitigate.
On-premises systems often evolve over time and end up more complex, and not nearly as “standards-driven” as cloud deployments typically are.
Vendors can always present risk and require attention. That being said, large enterprise public cloud providers present less risk to an organization than smaller development, hosting, and colocation companies.
As I have mentioned in previous posts, compliance is really an extension of security technologies in many ways. One of the easiest ways to simplify compliance efforts is to reduce what you have to manage and keep compliant yourself.
Despite everyone’s best efforts, disruptions and data loss can still occur. If they do, being able to recover quickly and reliably is much easier in the cloud. Geographic diversity and the sheer scale of the cloud environment opens up entirely new opportunities to improve recovery capabilities without enormous investments of time and money.
All these risk reductions are real, they are valuable, and they should be a part of any discussion about moving systems or applications to the cloud. This isn’t to minimize the shared responsibility model that we all need to follow (see Microsoft’s diagram of this below), but up to half (half!!) of the boxes below are Microsoft’s responsibility, depending on the system.
Oh, except for on-premises. You have to manage that. All on your own….