Quick Quiz

By Barbee Davis, MA, PHR, PMP

I’m the project manager in charge of opening a small, new organization. The CEO wants me to use cloud computing for our IT services. What is this and how can I judge if it is appropriate for this project?

1. Storing your data in the same satellite facilities as crucial government files, cloud computing is ideal for you, but expensive. Price it.
2. For cloud computing, place your network of workstations on high racks to ensure a stronger wi-fi signal. This is perfect for a small organization’s needs. Install it.
3. Cloud computing involves placing your servers on a layer of hi-tech cotton to cushion them from unavoidable movement. Use it.
4. The risk involved with cloud computing, also known as virtual trafficking, is too high for an organization of your size. Avoid it.
5. Cloud computing could be a real cost-saver if you are comfortable with the potential risk and compliance issues. Evaluate it.

E.: Cloud computing could be a real cost saver if you are comfortable with the potential risk and compliance issues. Evaluate it.

New organizations face a sizeable capital expenditure to purchase the hardware, software and knowledgeable personnel to create and maintain an IT department. Many small entities consider acquiring those services, whether just software applications or remote services to provide all of their computing needs, from third-party vendors.

These virtual IT departments are labeled cloud computing, a metaphor for computer services delivered over the Internet or “from the clouds”.

Purchasing Considerations

With cloud computing, you pay for only the amount of services you use (utility computing), much as you receive a monthly bill for the office lights, gas and water. Other providers have a subscription option, an “all you can eat” type plan for a set monthly fee. Often, you have the added ability to access your data from virtually any location and on a variety of computer and mobile devices.

As with any outsourcing decision, there are financial, service, compliance and risk considerations to explore. On the plus side, the start-up expenses are minimal. You have no equipment, software, IT staff, maintenance, repair, upgrades or utility costs. And by sharing services, the vendor can balance your peak usage times with those of other users around the world to give you round the clock productivity.

Service Considerations

However, as you are doing this make-or-buy analysis do not overlook other important factors. When your data is no longer physically on-site, you lose a certain amount of control. Ask yourself the following questions:

• How important is the security of your data?
• Would you prefer to have control of how quickly the system gets up and running again if there is a service outage?
• Would a hacker be more likely to attack a large vendor than your small shop?
• How easily could you transfer data if your provider goes out of business?

No matter how vigilant vendors are, news stories abound regarding violations of data privacy. Some argue customer data is more secure if you control it within your own IT department. Others feel you may find outsourced security as good or better than you could arrange at your home site, due to the economies of scale vendors enjoy.

Regulatory Considerations

Consider the industry standards you must meet. Federal Information Security Management Act, FISMA, (U.S.); Sarbanes-Oxley, SOX, (U.S.); Health Insurance Portability and Accountability Act, HIPAA, and HITECH Act of 2009,(U.S.); Data Protection Directive, DPD; (EU); PCI Data Security Standard, PCI DSS, (U.S.); Credit CARD Act of 2009, (U.S.); and IT Act, (India); are only a few that might affect you.

Risk Considerations

As project managers, we learn that one way to transfer risk is to hire a third-party to assume it. However, outsourcing your IT services through cloud computing does not necessarily off-load your corporate risk to the vendor. You still own the risk and liability.

Check to see if your organization’s data legally needs to remain in a specific geographic location. If it does, be sure the vendor contract states that you have recourse if their systems architecture changes or your provider outsources your data storage or management outside your home country boundaries.

If your analysis reveals cloud computing is for you, follow the CEO’s lead. You can enjoy less administrative overhead and have more time to focus on projects that add value and market share to your new organization.

Barbee Davis, MA, PHR, PMP, is a reviewer for the global PMI Registered Education Provider Review Team. She owns Davis Consulting and is a published author, speaker, writer of training materials and an innovator in presentation skill workshops for corporate trainers. She holds a Black Belt in MS Project and teaches at the university level.

Her new book, 97 Things Every Project Manager Should Know, includes practical tips from experienced project managers around the world. Hear her speak at the PMI-San Diego 7th Annual Conference, on 97 Things Every Project Manager Should Know, May 14, 9:15 am.  Ms. Davis is available for speaking engagements and encourages your questions or comments.