When it rains it pours, and I’m not talking about the weather. There is so much discussion around cloud computing these days it is interesting to see how the various industries are handling cloud and the unique opportunities and risks it presents. Some of you may wonder why I keep bringing up cloud risk and cloud security and the reason is simple. Being in the industry we all know the benefits of cloud and managed services. However, outside our industry, the rest of the known universe is right now engaged in a discussion about the security risks involved in outsourcing to cloud providers and unless we address these concerns, we run the risk allowing others define our industry and profession for us. This is not good.
My recent Wall Street Journal article on cloud computing standards seems to be well timed given the similar commentary in other industries like banking and financial services. This article, openly criticizes the FFIEC’s guidelines on cloud service providers and says it really misses the mark in terms of accurately assessing how to outsource to cloud providers. Another document recently published by the European Commission on cloud computing seems to indicate a posture of self regulation within the cloud and managed services industry. The reason for this position is the complexity and fast changing nature of managed services and cloud; outside organizations would merely be playing catch up with the cloud profession.
MSPAlliance took a gamble over 8 years ago by writing its own standard (UCS) for MSPs, and now cloud providers. That standard has been constantly gaining legitimacy and adoption on a global scale to help a wide array of industries answer complex questions about how to properly and safely outsource.
We will continue our work at the MSPAlliance, just as the rest of the world tries to come to grips with how best to use managed services and cloud computing.