BOSTON -- While a cloud migration sounds great in theory, there are several obstacles to overcome -- especially in heavily regulated industries such as healthcare, financial services and government.
In the healthcare industry, for example, a data security breach is a common concern, and a valid one, as they do happen. The companies who plan ahead are the ones who handle it best.
No one seems to understand the regulatory environment, what’s needed and what the right steps are to take.
director of regulated industries, Citrix Systems Inc.'s ShareFile
"Take off your blinders," said Larry Freedman, partner at Edwards Wildman Palmer, a law firm based in Boston, at the Cloud Computing East conference here this week. "Proactively, aggressively get a program in place," he added.
One way a company can prepare is to have a business plan that lays out exactly what to do when a security breach happens, Freedman said. Effective plans must include notifying regulators and placing customers on a redundant network, he said.
"It's about securing data and having a plan in place for what happens when there is a breach," he said.
Regulatory issues and cloud adoption
Healthcare IT pros turn to the cloud because they want a centrally managed location to better handle complex systems, such as electronic medical records and digital imaging and communications in medicine.
"If I'm a customer, I need a deep understanding of the regulatory issues, how I will address them and what my priorities are," said Brian Benfer, director of regulated industries at Citrix Systems Inc.'s ShareFile.
"No one seems to understand the regulatory environment and what's needed, and what the right steps are to take," he said.
Indeed, there is a lot of confusion as to what the rules are for using cloud in the healthcare industry, Freedman said.
One of the reasons that government agencies resist jumping into the cloud has little to do with technology.
"It's political more than anything else," said Larry Veino, director of data center practice at professional services firm Presidio Corp., based in New York. "All these agencies have their own agendas, their own motives, and they're held accountable to execute. They are in a similar position to where the healthcare industry was a few years ago."
Government agencies also face substantial scrutiny with their decision to move to cloud.
"If I'm a CIO at a hospital or a financial institution, I have shareholders, I have stakeholders," Benfer said. "But If I'm in the public sector, I'm reporting to a legislator who's reporting to voters.
"There are real political concerns, and nobody wants to be the one who caused the problem," he added.
Before embarking on a cloud migration, regardless of sector, an organization must understand what each vendor offers and how flexible they will be in this fast-changing market.