Wherever you turn in the tech space these days it seems that you can't escape the cloud. The idea that the burden information technology has imposed on businesses for years can be sloughed off to some magic realm where a tech genie does one's bidding on demand has a powerful attraction for organizations that feel like hamsters in a run-about cage trying to keep pace with the demands on their IT departments. But in this era of compliance and litigation, the cloud's allure can be a Siren's song.
For example, when a business loads its data into the cloud, it could reside anywhere—in another state or another country. If that business becomes embroiled in a lawsuit and needs to access that data to comply with an electronic discovery order, will the laws in the location where its data is located interfere with compliance?
How about data integrity? Is the business's data comingled with other people's data in the cloud. If it is, what legal entanglements could that produce when a plaintiff's lawyers appear on the doorstep?
While a cloud provider may be capable of expanding and contracting its services to meet an organization's information demands, it doesn't necessarily mean it's capable of promptly responding to the demands of a litigation hold or discovery order.
"These are all questions and concerns that should be addressed BEFORE committing to a significant use of cloud resources," John Sammons, an assistant professor and electronic discovery expert wrote in The West Virginia Record.
"The service agreement is a good place to start when evaluating cloud providers," he continued. "It should clearly explain how they would respond to these and other legal requirements."
"The cloud is already here and not likely to go away," he added. "Clients should be made aware that all of the linings in this cloud are not necessarily silver."