Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Top 10 Cloud Computing Complaints: Page 4 of 5

Gripe #7: "My cloud's in the way of my M&A."

Before entering into an outsourcing arrangement, consider the likelihood that your organization will be involved in an acquisition or divestiture, suggests Daren Orzechowski, New York-based partner in White & Case's intellectual property practice. "One of the most important provisions in outsourcing for cloud is to have certain divestiture and acquisition support provisions," Orzechowski says.

Essentially, it's a matter of ensuring that you can scale up or down no matter the direction your business takes you. If you acquire a company, you'll want to support it with the same or better terms for enterprise cloud resources. Similarly, if you sell off a part of your company, ensure that both buyer and seller won't be held hostage by rate hikes after the deal closes.

"Make sure you'll get the assistance you need from your vendor, and that the terms of how that will work are fixed at the beginning of the relationship, when you have more leverage," says Orzechowski. "Like any commercial relationship, if you've signed the original big contract and you're in, and then you need help down the road, your leverage isn't as good."

Gripe #8: "I'm relying on reputation as a security policy."

High-profile technology providers face enormous scrutiny from customers and investors, with reputational risk involved with even the smallest lapses in availability and security. Accordingly, cloud providers have the incentive and wherewithal to retain teams of dedicated security experts capable of coping with a wide range of fast-moving threats. All things considered, public cloud providers may be better than you at information security.

Smaller, non-IT-focused enterprises find it harder to locate, hire, and retain top information security talent, and it's not uncommon in business to see small, overworked IT departments where the responsibility for security is diffused and even a few steps behind.

But just because the largest cloud vendors employ the smartest guys in the room doesn't automatically mean that they should have oversight of your enterprise data.

Before entrusting enterprise data to a cloud provider, do your homework. "Go to their website and read the discussion boards and blogs. Go to the analysts. Go to the regulations in your industry," advises Mohammad Zaman, head of global solutions at Logicworks, a low-latency hosting provider in New York. "There are many different ways to find the right cloud service provider from a security perspective."

Or, simply follow the herd. "Everybody publishes customer references on their website," Zaman says. "How do you match up against them?"

Unfortunately, it's all too common that these reputation-based approaches to due diligence represent the extent of information that's available from cloud vendors for purchasing decisions.

It's a "buyer beware," remarks Zaman.