The data driven cloud
Ashburn, VA 20146
Our combined expertise and experience in IT, data and information policy and management ensures our customers of more efficient and compliant clouds.
In almost every business, information assets are among the most valuable. Whether the information relates to patents, business processes, formulas, manufacturing data, sales data, customer data, marketplace data, customer lists or any other variation of commercially valuable information, managing and protecting the information is vital. Equally important for most businesses is the ability to leverage existing information to gain new insights and grow the business. Prior to the advent of cloud computing, “governing” data involved IT implementing a series of policies, procedures and people to ensure that the information assets were properly controlled and managed on servers housed in the data center. As cloud computing has become available on a widespread basis, the business push for new insights and capabilities, along with attractive pricing versus traditional enterprise data center solutions for IT, has created a “rush to the cloud” with one significant casualty along the way: governance.
Why Does “Governance” Matter?
For A3, good information governance in the cloud yields many benefits, including:
• Commonality of contract provisions that ensures that all partners in the new information ecosystem meet all fundamental security
and performance requirements and that the information assets will be handled in accordance with the holistic enterprise plan for
• Auditable assurance that the enterprise’s business information is managed and maintained according to necessary security standards
• Enabling automated, secure and effective data handling for archiving and disaster recover
• Intelligent transfer of information assets to the cloud that maximizes existing investments in software and infrastructure
• Enabling the portability of data over time between cloud service providers, avoiding the “data trap” or “stickiness” that comes from
long term commitments to single cloud storage and service providers
• Awareness and access to the enterprise data 24/7/265
• Ability to ensure compliance with national and local laws, rules and regulations pertaining to the retention and accessibility of
information as requires
• Ability to meet internal audit and investigation needs to access and asses data in a timely and secure manner
• Ability to help the organization meet and external demands (regulators, external investigations, criminal and civil lawsuits) requiring
the preservation and production of information.
In contrast, the absence of good governance can create substantial immediate and latent risks, including:
• Being unable to know where data is to ensure compliance with data privacy and protection requirements.
• Being unable to assure regulators or shareholders that key information has been properly maintained and is accessible
• Getting locked into contracts where the cloud provider has the proverbial “keys to the kingdom” in terms of software licenses and
passwords where a provider failure can result in a catastrophic loss of data access and utility by the enterprise.
• Having inconsistent or inadequate contract provisions that allow the enterprise to efficiently and affordably migrate data to new
storage locations or take advantage of new applications because of “lock-ins” (stickiness).
• Losing price negotiation leverage by being unable to migrate data freely due to contract “lock ins”
• Chaotic movement of data to cloud environments that ignore existing platforms that can still be leveraged or breaking linkages with
other systems that cannot be moved to the cloud environment at the same time
• Loss of ability to control data storage cost due to the inability to manage flow of data from primary to archival store
• Lack of visibility into auditable automated disaster recovery capabilities that can impair business continuity
• Inability to demonstrate compliance with national and local laws, rules and regulations pertaining to the retention and accessibility of
information that can lead to substantial fines and penalties
• Inability to meet internal demands to investigate issues, resulting in operational inefficiencies and risks
• Inability to meet external demands for information preservation and production, resulting in criminal or civil fines and penalties.