Cloud computing can bring huge benefits to businesses, but there are risks that need to be managed.

Used to describe a variety of products and services, cloud computing generally refers to a network or internet-based means of providing shared resources – such as storage or software – on demand.

If you’re not sure what that means, think of the difference between a Netflix subscription and a shelf of DVDs. Reduced costs, simpler maintenance and greater flexibility, scalability and reliability are offered by cloud computing, which is particularly useful as increasing numbers of business processes become automated and interconnected.

As these changes occur, the benefits of moving IT systems to the cloud also increase. For instance, outsourcing responsibility for running hardware and software to the internet – including the hassle of maintenance and upgrades to the relevant computers – is clearly an attractive option.

Easy access to information on the go is another bonus: being able to access real-time data from a PC, laptop, tablet or smartphone from any location with internet connectivity can help staff pre-empt problems and optimise performance.

However you must make sure your cloud service is set up to meet the needs of your business, in particular by ensuring the right protection is included in agreements with providers to (among other things) enforce security and monitor cost: like many mobile phone contracts, cloud services are typically charged on usage, rather than at a fixed rate. The latter can depend on the amount of storage required, user licences or items processed, so carefully anticipate what your usage will be before committing to a pricing model.

Providers also need to be held to minimum standards of accessibility, as having a vital business resource is no good if your employees can’t access it when they need to. To limit down-time, agreed financial consequences (such as service credits) should be included in your contract as the knock-on effect could be considerable.

Another thing to think about is security. The number of security breaches to have hit the headlines has discouraged many businesses from fully embracing the cloud because of the fear of sensitive information – whether commercial or personal data – getting into the wrong hands. It is therefore vital to ensure your cloud provider is subject to clear and robust security obligations, potentially including the ISO 27000 family of information security standards. Appropriate remedies in the event of any breach or loss should be included in your agreement.

If you are considering using the cloud for your business, the key to a successful agreement is doing your homework. Draw up a list of requirements and thoroughly check your provider can fulfil them before you begin negotiations as this should help you get the most out of the cloud as well as making the process quicker, cheaper and easier. Clearly setting out your requirements in the contract should also reduce the risk of ever having to take enforcement measures.



By Elliot Fry, a solicitor and technology specialist at law firm Cripps