There’s a change underfoot, which is likely to bring big challenges to IT Law in 2015. It’s all to do with the cloud and it’s likely to make things much more complicated. There’s little doubt that cloud adoption will continue to grow in 2015. The benefits that it brings in terms of cost savings and functionality means that it will be hard to resist its lure, even for companies that have a tradition of managing things on premise.
This continuous shift towards a more cloud based society has its consequences though.
Whereas some of the larger cloud services providers like Microsoft, Google and Amazon have a global reach, the majority of cloud service providers don’t. In order to compete they therefore need to work with subcontractors and partners to deliver the full solution. A chain of many parts is only as strong as its weakest link and with many service providers often necessary, there is an increased risk of failure of service. Insolvency, service failure of poor communication between cloud service providers can result in a big impact to the customer’s business. The legal implication is that processes need to be developed to safeguard the customer – subcontractor swap out, accountability, SLA’s and risk assessments all need to be agreed and demonstrated to mitigate risk of subcontractor failure.
In addition, more diligent background checks not only of the primary contractor, but also the subcontractors will be required to reduce the likelihood of insolvency.
With an increase in cloud adoption, customers are more likely to entrust higher value services to the cloud. The contractual elements are therefore likely to become more complex with service level and liability terms requiring harder negotiation. Cloud service providers are likely to resist taking accountability for areas outside of their control, but tougher demands from customers may see a lengthier contractual negotiation period.
As customers entrust more of their data to the cloud, management of customer’s data by the cloud service provider will be under tight scrutiny. Therefore the legal sector is likely to carry out rigorous checks on providers including ISO27018, in addition to the financial checks already mentioned.
A possible solution?
The legal sector has identified disaster recovery as one way to help reduce the risk of this impending challenge. By bringing the scenario of multiple subcontractors, with multiple risk points under one provider for accountability of resilience, this provides peace of mind against the vulnerability of failure. Recovery time and recovery point objectives can be determined by the customer so that the risk is managed to their requirements. We therefore expect to see a rise in the demand for disaster recovery solutions driven by the legal sector in order to control the risk of the increasing cloud adoption in 2015.
For more information visit www.planb.co.uk
By: Ian Daly