(c)iStock.com/Massimo Merlini
The Cloud World Forum event, which starts tomorrow in London and will have this publication in attendance, will more than likely discuss business cloud strategies, security fears, as well as the emergence of the Internet of Things (IoT) and DevOps concepts.
Among the list of expected attendees, there is a not unreasonable amount of security professionals from the private sector. Also there is cloud-based enterprise collaboration provider Kahootz. The company’s primary customer testimonial base and marketing push is through public sector clients, yet John Glover, Kahootz sales and marketing director, notes an interesting paradigm shift afoot in the private sector.
“People are now starting to put the reins in there, and put some government structures in there,” he tells CloudTech. “I see them having their own app store, within the enterprise on pre-approved suppliers, rather than just rely on people go and buy stuff off the Internet hoping it’s going to be okay.”
The truth is, organisations are increasingly putting sensitive data on cloud-based systems, and it’s not done haphazardly either. Sure, companies can still get it wrong – for UK businesses, a data leakage may earn them a visit from the Information Commissioner’s Office (ICO). But most private sector enterprises will have data assurance officers in place to mop up potential spillages, and Glover argues the industry is getting “smarter”.
“The reason we reference the public sector is because it does have credentials that can be used in the private sector,” he adds. “We certainly get contacted by private sector companies now.”
As Glover explains, the theory from public sector companies is simple: if it’s good enough for government, then it’s good enough for us. Yet he admits that while the private sector is becoming smarter, they’re still “nervous”. The CESG (Communications-Electronics Security Group) issued a 14 point cloud security handbook for public sector back in December 2013 – a privilege the private sector does not enjoy.
“I’ll give you the classic mistake that everyone makes,” Glover says. “[Businesses will] get a software supplier that say ‘our data centre is ISO 27001 certified.’ I don’t think people realise how naive that statement is.”
He adds: “The data centre is secure, but what about the applications, what about the staff who run that application, what about the business processes that back up that information? If your data centre is ISO 27001, [it] sounds good, but the average private sector doesn’t understand what that means and how bad a statement that is.”
Kahootz offers a secure online workspace with a variety of options, from local business intranets, so conference rooms and tender management software. Glover explains how for Kahootz’s clients – particularly the larger ones – there is a ‘land and expand’ strategy: start small first, deploy more widely later. For him, the key feature organisations look for is governance – mainly so businesses don’t “orchestrate chaos.”
When Glover attends meetings and organisations say their collaboration setup isn’t working out, he gives four points to consider when putting together a workspace: purpose; scope; the activities they perform; and governance. “The worst thing to do is just set up a site which says ‘here’s a great place to share documents and ideas,’” he says. “That doesn’t mean anything, it doesn’t lead anywhere, and because of that nobody’s listening, and nobody’s taken the management over the site to take on that information and do something with it.”
So even if you are nervous about taking the leap into cloud collaboration tools, remember that a journey of a thousand miles always begins with the first step.