This first part in the series on cloud adoption provides the process to follow when identifying and addressing the risks that arise from adopting a cloud-based strategy for a small business.
Taking a cloud-based approach for software is, in its simplest forms, an outsourcing decision: to what extent should you empower third parties to control and support the software applications you use within your business?
The solution for small business in the cloud is software-as-a-service (SaaS) – that is, a software application that is provided through a phone app or web browser, rather than being installed and tied to a single device.
These services can typically accessed via an internet connection, on a variety of devices (phone, tablet or PC) by logging in using a username and password. You also have the ability to save and retrieve files ‘in the cloud’ (like Dropbox or Microsoft OneDrive), and automatically save and store data (as with CRM software or finance software).
"Cloud adoption – understanding the risk of cloud services" takes a walk-through approach, from scoping cloud software options all the way through to migrating away from the cloud service. It also covers the majority of risks to consider prior to adopting a cloud service, and provides a checklist at the end. he
There are a number of legal implications that should be considered by both accounting practices and small businesses in the UK before adopting cloud computing services. Read our guide on the legal aspects to consider when using cloud services. It covers contract, service availability, security, intellectual property, data commitments, data protection, and risk management.
Use our checklist to make sure you have covered all areas.
One of the biggest benefits of cloud services is their ability to be accessed remotely, with just an internet connection. This can also be the biggest risk factor, as not all networks are secure. Public networks, particularly unsecured wireless networks, are risky for services that contain crucial data as it is possible for other users on the network to intercept data being sent between your device and the network and thus potentially gain access to usernames and passwords. Historically, connection to a corporate VPN was often mandatory before accessing an office network but for a small business setting up and maintaining such a network isn't feasible. Services exist for web VPNs, which will encrypt traffic sent between your device and the internet, and for a low monthly fee these can be used anywhere in the world to secure your internet connection when connecting to a public or unsecured network.
The above extract was taken from the report. Follow the link below to read the report in full: