The cloud ate my business and other tales of woe

The cloud is one of the business worlds driving systems at the moment but how do you make sure the the change to the cloud does not damage your small and medium business or not for profit organisations.

We have all heard some of the horror stories of what can happen to businesses in the cloud.   Horror Stories like bad service, insecure systems and a loss of control over your own data.

How do you ensure that these things will not happen to you and your business in the move to the cloud.    There are a number of policies your can put in place that will help protect your business.   A mild sense of paranoia will help you to work out what can go wrong and lessen those risks.

They are

Internet access

You have control over your Internet and the connection to the Internet.   This connection is your life blood if your business transitions to a cloud based system.   Access to your information has to be protected.

Your Internet access is required to have the capacity to support your business and your staff access.   There are two locations that you need to ensure have the right connectivity.   Where your office is connecting from – needs to have the right speed and bandwidth so that your business does not slow down.

You also have to ensure that the connection at the other end can handle your access.   Where the provider is connected to the Internet has to also allow all of their clients to access the data without restricting that access.  If you notice slowdowns at specific times, first thing in the morning and after lunch, then the provider may not have the required bandwidth to support their cloud offering.


We have all heard it, something happens to your data and you no longer have access to it – what now!   The total reliance of your business on someone else’s capability is not a good situation to be in.   If the provider is backing up your data, where is it going and can they prove that they are doing it.

I always recommend that your cloud based systems have some level of off site backup to a location that you have control over.   If that is your office and the backup is in a format that can be imported into a local system then great, but that doesn’t happen very often.   All cloud based systems are databases and therefore your backup has to be a flat file variation of that system.   What you loose in workflow rules you gain in having the rest of your data.

Your cloud offering adaptability should also include service level agreements (check all clauses), guarantees and penalties to ensure that your business will never suffer at the hands of the cloud provider.


the management of your cloud system should be no different from the management of the rest of your ICT systems.    The policies, procedures and processes that you need for you business to be profitable needs to transferred into the cloud environment.

These processes need to be proven on the live system and also on the backup system.   You need to make sure that no matter where your business data is, and no matter what situation arises that your business is protected.

So in the even that the cloud has eaten your data, the risk assessment that you did prior to taking on the provider will protect your business from anything bad happening.    So although the cloud did not eat your data your business should thrive.

Roger Smith, is an educator. Teaching students at ADFA (UNSW) and showing them how vulnerable they are to cybercrime.

He is also CEO at R & I ICT Consulting Services Pty Ltd, an Amazon #1 author on Cybercrime and founder of the SME Security Framework. He is a Consultant who specialises in inexpensive and highly effective security strategies for small and medium businesses and not for profit organisations.

He has developed and authored the SME Security Framework and the Security Policy Training Course which are considered to be the definitive guides to helping SME's protect their organisation using the principles of Technology, Management, Adaptability and Compliance.