Cloud computing has become one of the hottest transitions in business computing in the last decade.
With virtualization taking the forefront in providing SaaS(Software as a Service), many companies have made the jump to the cloud in order to save money and be more efficient.
However, many of these companies have taken the iniative without due diligence in comparing their business plans and policies.
It is one thing to treat SaaS as just another computer tool with a dollar sign attached, yet another to evaluate the tool versus good business practices.
This includes services like Google Apps, Salesforce and Netsuite.
We have put together a list (prioritized in our opinion) that you might want to consider when choosing a cloud service:
 Backup – Does your vendor backup your data in a manner that is accessible to you?
That means should the internet go down, the provider go bankrupt or any other number of other issues with accessing your information, do you have access to your data?
A lot of cloud providers say they do, but have no method of providing it to you in a timely and straightforward manner.
 Data Recovery – Does your vendor have a data recovery clause or recovery plan listed in its agreement with you?
Restoring from backup is one element, but with if the vendor is faced with other disconnect issues? Where does that leave your business?
 Security – How secure is your data? This questions applies to things such as encryption, end-of-life data, deletion certification and proprietiary rights of access.
Does the cloud provider use any 3rd party connections or resources that have to touch your information in order to provide you the original service?
When you have your own servers and databases onsite, these types of questions are inheritantly answered by internal policy and do not require technical confirmation as they are a part of normal business operations.
 Ownership – Once you put your data in their system, who is the legal owner? Does the vendor comply to your business requirements or do you comply with theirs? Where is the data stored? Are their national and/or international laws affecting your data storage?
 Qualification – Is your cloud provider certified, verified and/or licensed by any parties or associations that can influence their service to you.
For example, do they belong to Verisign Secured, Systrust or Safeharbor which are all organizations that verify compliance to electronic encryption and privacy legislation.
Obtaining answers and recording them as part of your technology plan is a vital step in the decision process of choosing a vendor and sustaining a long term relationship.
In this way, ironically, it is more work and effort to ensure cloud computing is worth it.