How the Cloud Can Turn Toxic

Technology attorney Matthew Karlyn tells CIOs how to avoid poisonous cloud contracts

Companies large and small have gone gaga over cloud computing. But while it can cut costs (See “What the Cloud Really Costs: Do You Know?”), CIOs need to understand the risks when moving essential business processes to the cloud. Reporter Robert Lemos talked with Matthew Karlyn, a partner in the technology practice at law firm Foley and Lardner, who says companies need to focus on the contracts they sign. Failing to do so can open them up to a world of hurt.

Are companies ­getting into the cloud without considering outcomes?

There are companies out there that are well aware of the risks and, more importantly, how to reduce them. But there are a lot of companies that don’t have experience when it comes to the implementation of cloud applications and cloud infrastructure and don’t do a good job.

A business can be disrupted if a ­service it relies upon goes down. Is there ­anything a company can do about that?

In a contract, that’s one of the essential things that you’re trying to protect against. You have to ask: What could go wrong? You’re no longer in control of the data; some vendor is. And what you need to get really comfortable with, through due diligence and contractual terms, through auditing and benchmarking, is that the vendor can protect the data at least as well as (but hopefully better than) you could. The risk is that one day you wake up and see the news that your supplier just suffered a breach and it was all your data.

What questions should CIOs ask of their providers to minimize that risk?

To continue reading this article register now

Download CIO's Roadmap Report: 5G in the Enterprise