Hasty cloud adoption increases companies' risk profile
This is the view of Ian McAlister, general manager at CRS Technologies, who says that while cloud computing holds several benefits, organisations need to think carefully before migrating all their functions to this environment.
“There is no doubt that data has become fundamental to business growth and cloud computing has transformed the business landscape over the last two decades. This being said, valid concerns around the availability and security of data stored in the cloud continue to hamper its adoption. This is especially true for sensitive information such as HR and payroll.”
According to McAlister, the cloud has failed to deliver on the cost-benefit that the market eagerly anticipated when it was first advocated, and it is also not the impenetrable security haven that its proponents claim.
“On the contrary, because data stored in the cloud is accessible from anywhere on the internet it has merely served to create huge opportunities for cyber-terrorists who love nothing more than a good hacking challenge. All it takes is a disgruntled employee or careless password security to leave your system vulnerable to a cyberattack.”
Consequently, decision-makers contemplating a migration to the cloud need to familiarise themselves with the differences between the various cloud platforms available and fully understand the pros and cons of each.
“Data in a public cloud environment is accessed through the internet, which means it is significantly less secure than its private counterpart, where companies have a dedicated server at a secure location with applications that can be customised to their unique requirements.
While the latter model is ideal for HR and payroll departments, given the sensitive nature of the information they deal with, McAlister recommends the hybrid cloud as a more practical approach. “Companies can enjoy the flexibility and computing power of the public cloud for non-sensitive tasks, but keep business-critical applications and data on-premise,” he explains.
“Storing sensitive HR and payroll data on-premise not only renders it more secure but ensures much quicker access to the information because users don’t have to contend for bandwidth or be concerned about downtime.
“Consider, for example, the slowdown in internet speed during the recent undersea cable breakage and its impact on the timeous payment of employees’ salaries. Now imagine the financial and reputational fallout for an organisation whose information is lost, compromised, or becomes unavailable owing to the cloud storage provider going down.”
Another important consideration is that of regulatory compliance, McAlister continues. “Data must be stored and maintained in accordance with the Protection of Personal Information (POPI) Act, which is expected to come into effect soon. Companies who fail to comply with this legislation will be held accountable through harsh penalties and even jail time if their data is compromised in any way. This responsibility may not be shifted to the cloud storage provider, regardless of what your contract may state.”
Information has become mission-critical to the running of a business and HR and payroll is rapidly becoming one of the primary sources of data that enables CEOs and top management members to make decisions impacting the strategic direction of the organisation.
Consequently, companies must be aware of the implications of where their data is stored – from a cost, security and legislative point of view – and ensure they take full advantage of the business benefits offered without compromising on their competitiveness.