SharePoint in the Cloud -Risks to Consider

Some of the most important risks to consider with adopting SharePoint in the cloud include:

• Data security: Hosting data in a remote data center exposes you to risk since data center staff or others outside of your organization might have access to your data.
• Dedicated or multi-tenant: A dedicated environment will provide the same capabilities as a server hosted in your environment, but it will cost significantly more than a shared environment that is used by many tenants. A multi-tenant environment like Microsoft’s Business Productivity Online Suite (BPOS) will be significantly less expensive than a dedicated environment, but there will be some restrictions on what you can deploy. Which environment is right for you? Why?
• Physical security: Data may be stored in many data centers. How can you ensure that the data centers hosting your data have adequate physical security to ensure integrity and confidentiality of your data?
• Data ownership and control: Read the fine print and make sure you know who owns the data. How can you be sure you are not held hostage now that your data is no longer under your control?
• Service level agreements: Do the service level agreements (SLAs) available in the cloud solutions you’re considering meet the needs of the business? Consider speed, uptime, and disaster recovery.
• System downtime compensation: What leverage do you have to ensure that you will be fairly compensated if the service is unavailable for any length of time?
• Data transmission across national borders: Data could be hosted anywhere in the world. What assurance do you have that you aren’t violating local laws and regulations where your data is stored or transmitted?
• Data discovery: What happens if the cloud provider is seized or searched by a local authority hosting your data? What rights do you have to protect and preserve your data?
• Identity management: How is the identity of users managed? Can you manage user identity and limit your exposure to outside system users through federation of identity stores?
• Third-party applications: Are third party add-ons needed to work within your solution? If so, do they run in the cloud, and what are the licensing implications?
• Your existing staff: How are they involved in the migration to the cloud, and what is their long-term role in a cloud-based solution?
• Data storage limitations: How much data can you store in the cloud, and what are the costs to increase the storage quota?
• Retrieval limits: What are the limits imposed on data retrieval? For example, can you retrieve 25,000 items from a list at one time? What does the business need? What limits are in place and what is required?
• Development considerations: What limitations have been introduced by the cloud-based offering? For example, all custom code should be put in a Sandbox with SharePoint 2010. What other limitations must be designed within the solution?
• Testing: How can you test prior to a full-scale deployment to the cloud?
• Data migration: How can you migrate data to the cloud environment?
• Data retention policies: How long is data maintained for disaster recovery purposes?