FAQ

Making relevant and smart choices of cloud solutions, with regard to reliability, security and QoS can rapidly become a real obstacle course. For instance, giving your data to a cloud provider, does that specify where the (virtualized) data is physically stored? What legal framework applies to the data, and how to retrieve or delete data, or switch from provider when the service is no longer up to par? Of course, you can use existing marketplaces, cloud brokering and benchmarking platforms to find cloud solutions and services at your fingertips, but any of them is really a good option. These platforms are basically highlighting cloud offers into a lock-in technological with no business and security guarantees. The EC is about to standardize Service Level Agreements and contract terms to facilitate cloud comparing offers. To prevent ‘lock in' by a Cloud Provider, the EC wants also to create pre-conditions to safeguard data access and portability. This should promote interoperability, meaning switching from one provider to another, is safe and easy. Following the EU Cloud directives, our trust matrices integrate more than 100 criterias to strengthen your decision making and to help you choose cloud services with confidence

Shadow IT also known as Stealth IT is defined as IT systems and solutions built and/or used inside organizations without explicit organizational approval. With the explosion of Cloud solutions, end users and employees can easily deploys apps without the IT team knowledge, with the risk to introduce new security breaches into the company or by implying higher costs for IT rationalization

Many recommendations across the 'Net sound like this: "Don't keep your information on the cloud." Fair enough, but it's the same as if you asked, "How not to get my house burned down?" and the answer would be, "Do not have a house." The logic is solid, but a better way to translate such advice is, "avoid storing sensitive information on the cloud." So if you have a choice you should opt for keeping your crucial information away from virtual world or use appropriate solutions.Encryption is, so far, the best way you can protect your data. Generally encryption works as follows: You have a file you want to move to a cloud, you use certain software with which you create a password for that file, you move that password-protected file to the cloud and no one is ever able to see the content of the file not knowing the password. There are some cloud services that provide local encryption and decryption of your files in addition to storage and backup. When choosing the best way of protecting your information keep in mind how valuable that information is to you and to what extent it is reasonable to protect it. Therefore, the first thing you should do is to define the level of privacy you need and thus a level of protection for it. So try to strike that delicate balance between the required level of protection and the time/effort/money spent on it.

When business are granted their Cloud provider a high degree of control over their business data, they takes majors risk over their data integrity and data breaches.The biggest financial consequence to organizations that experienced a data breach is lost business. Following a data breach, organizations need to take steps to retain customers’ trust to reduce the long-term financial impact.

Data privacy laws around the world may present some new challenges for your business and require due diligence when moving to the Cloud. To comply with GDPR and NIS, organizations and IT professionnals should following the outcome of one stop shop provision, as well as the consent provision for the transfer of personal data. Indeed, the legal security is a real key aspect in the use of Cloud computing. In essence, business should always ensure that their data are secured, their data locations are known and that it can be retrieved easily. It's not only your cloud provider responsibility to secure your information! It is down to the user

ROI calculation is important for any new or existing IT investment.One of the most difficult tasks for IT leadership is weighing the total cost of an IT service against its potential return.This challenge holds true (perhaps even more so) for Cloud computing. A meaningful assessment of the benefits of Cloud Computing must encompass the short-, medium- and long-term views as well as termination costs. In addition, tangible and intangible benefits must be properly quantified and considered in the equation. Calculating the ROI may not only consider the immediate costs of contracting and migrating to the cloud and has also to consider the long-term costs of operating in the cloud and the hidden costs that could minimize the expected return. To add to the complexity, Cloud computing encompasses a variety of service delivery and deployment models, ranging from public and community to hybrid and private clouds. These services are offered by a variety of providers, each with different solutions and pricing models. As ROI calculation for cloud computing entails many issues and can be highly complex, one alternative option is to calculate the adoption cost of a cloud project/infra through its entire lifecycle -Build-Run-Monitoring-Termination and reversibility- and by applying adhoc adjustments variables.

The promised cost savings that customers thought they would receive when moving their workloads to the Cloud, haven’t materialized. In fact, it can be quite the opposite when they first see their bill, after failling to be properly advised on their long term costs! Furthermore, Cloud providers have different ways of charging for their services and the plans are not always easy to understand for customers. It's clear that the ROI of a Cloud project remains complex to calculate, because it should integrate not only all the tangibles and intangible assets, but should also take in consideration the Cloud adoption costs over the entire project lifecycle (build, test, run, maintenance, exit, and reversibility)

The SLA is a contract between a service provider and its customers that specifies what services the provider will furnish, the availability and uptime of those services, application or service response time and other specific performance benchmarks, and the number of concurrent users that can be supported. SLAs need to show that IT-as-a-Service can be measured and justified with relief provided to the customer if service levels are not met. This can include stating how any downtime will be addressed by the service provider and how customers will be compensated when service levels are not. For instance, SLA should include specifications about the maximum duration of downtime, response times for notifications of defects and the removal of defects. The backup and data recovery process should be documented and providers should perform regular tests to verify whether the processes work efficiently. Check out your cloud contract to see what level of service is provided by your service provider!

With a limited number of PaaS vendors in the market today, each of which wants to build a binding relationship through its comprehensive offerings, a vendor lock period is often the norm, which can limit the business’s choices and the client contract reversibility possibilities. To avoid dependence on a unique cloud vendor, businesses should favor open standard and open APIs over specific solutions, and operate at least two cloud from two different vendors, to facilitate the migration process.