more-arw search

Q&A Forum

Why did your company decide for or against moving to the cloud?

If you did, what were the main drivers for the move? If you’re still thinking about it, what does the decision hinge on?


(Manager) |

Our company is still in the decision phase.

I'm personally, kind of dubious of the whole cloud, cloud, cloud push and I think our senior management are as well. I understand that one wouldn't be maintaining servers, but then there's the security risk, transition/integration/training cost, and the rest.

I'd be curious to hear more from someone who has been there and done that to see how it actually worked out for their organization.

Not to sound like a Luddite, but it kind of reminds me of a comparison I read about some years ago where they compared a paid-for 1987 Mazda GLC to a new Prius for cost and environmental impact. It turns out that the already-paid-for Mazda GLC with pretty good gas mileage was both a cost and environment winner.

Sarah Jackson
Title: Associate Editor
Company: Proformative
(Associate Editor, Proformative) |

Anonymous, I agree with you that following the herd may not be the way to go.

You may want to check out this Thursday webinar here on Proformative:

"Three Steps to Building the Case for Moving to the Cloud"

I think a system to analyze ROI could be a real plus.

Best... Sarah

(Internal Auditor Lead) |

For some segments, I believe that moving to the cloud posses an unacceptable risk. Government agencies should maintain the custody of the records of citizens and not transfer the responsibility to the purveyors of cloud services which may have servers located in diverse and sometimes undisclosed countries. With the geopolitical climate and the increase in security breaches, this maybe a Pandora’s Box.

Bill Chorba
Title: CFO
Company: NineSigma, Inc.
(CFO, NineSigma, Inc.) |

We did it for several reasons:

1. We are a global organization, yet somewhat small, so we needed easy, secure access to our systems and data from any location worldwide in a cost-effective manner.
2. Or core business is not data security and system business continuity/disaster recovery, so we wanted to place our systems with the blue chip companies whose business models depended on security, system integrity and access.
3. We prefer the systemic, steady license costs over the "lumpy," less predictable spending needs for IT infrastructure that is owned and managed.
4. The cost savings of reducing our IT staff validated the licensing costs of the systems we use in the cloud (Office 365, Salesforce, Liferay, Solium and Quickbooks).

No blanket rules exist for why a company should or should not go to the cloud. We just know it works for us.

Denise Loter-Koch
Title: President/CEO
Company: empoweredNW
(President/CEO , empoweredNW ) |

I agree with the notion that there are no rules that can be applied when it comes to the cloud. Each business needs to analyze their needs and wants to see if cloud services or technology can be integrated into their strategy.

The experience my firm has had sounds similar to that we enjoy the reduced IT costs, ability to access data remotely, and predictable/scalable costs involved. The only thing on your list that I would want to expand on is security. A lot of people seem concerned with how secure the cloud is, and I think that has a lot to do with the potential for hackers or viruses. What they are not considering is other data risks. Having all your data stored on one server in your office isn't secure. Having your employees store data on laptops that they use remotely isn't secure. And like you, my business doesn't have extensive on-site IT staff. So as you said, placing your trust in service providers that excel in areas of data security or disaster recovery makes sense.

Dabney Wellford
Title: CFO
Company: Wellford Consulting
(CFO, Wellford Consulting) |

I came into an implementation of Netsuite at my last company. While the points of reduced 'local' infrastructure are valid, I never got full assurance of the replication of the data or the overall security. I once heard an IT professional say that "I have not heard of anyone having problems, so it must be OK." (I would have fired him.) I agree with most of the comments above, I would steer clear of the low cost solutions, as they are all about providing a low cost solution, not providing security.

I wish that I could say that the AICPA provides great guidance in getting a solid compliance report that has teeth, but that does not exist. Best thing to do is to go in with "eyes wide open".

Mark Matheny
Title: VP - FInancial Planning and Analysis
Company: Novolex (formerly Hilex Poly)
(VP - FInancial Planning and Analysis, Novolex (formerly Hilex Poly)) |

Holding at this point. Want to get more comfortable with security and access before moving mission critical processes to "cloud." Get more comfortable everyday, but not there yet.

Theodore Omtzigt
Title: CEO

The 'cloud' as a solution to deliver information technology solutions is more akin to a banking analogy. All modern businesses need IT for a web presence, AR/AP, collaboration, communication, etc. One big problem is to deliver a good and improving customer experience as folks have grown comfortable with Google and Amazon, and to keep all the digital bits secure.

The banking analogy is this: you could manage your own cash, but generating value and keeping that cash secure is difficult, expensive, and dangerous. A bank can do a much better job because of the power of amortization and business purpose the bank can spend more money, time, and focus on these issues of value creation and security. Similarly, the cloud ecosystem and the SaaS vendors that offer solutions to web presence, AR, AP, ERP, CRM, etc. they will be collectively much stronger and more secure than your business would be able to do it for itself.

Because the underlying economics and the increased complexity to deliver global IT services, the cloud and SaaS are going to consume traditional IT. The SMB segment will most likely go completely cloud and SaaS and use managed services for internal networks and devices. The enterprise will always have a need for a local IT service but it will be managed and operated like a cloud.

There are concerns with respect to accountability and security, and the appropriate response to these issues is the same as we would have with respect to our money. You fundamentally give away control when you 'outsource' the keeping of something. If I place money at JP Morgan or Bank of America, I have no control over that fact that they may use it to launder drug money. So, you need to maintain the ability to move and hedge your financial services. So is the case with IT and cloud services. Ultimately, the business is responsible for data loss and data leaks, and there are well established solutions to these problems that business actually should already have implemented in their own internal processes, the cloud just makes it more important. The test is very simple: all bits at rest need to be encrypted typically using an asymmetric cipher that the company owns, and all bits in motion need to be encrypted with a symmetric cipher. And all modifications of the ciphers need to sit behind an approval process and need to be tracked for forensic and repudiation tests.

Products and Companies

Get Free Membership

By signing up, you will receive emails from Proformative regarding Proformative programs, events, community news and activity. You can withdraw your consent at any time. Contact Us.

Business Exchange

Browse the Business Exchange to find information, resources and peer reviews to help you select the right solution for your business.

Learn more

Contribute to Community

If you’re interested in learning more about contributing to your Proformative community, we have many ways for you to get involved. Please email [email protected] to learn more about becoming a speaker or contributing to the blogs/Q&A Forum.