Five Real-World Tips for Creating Corporate Cloud Policies
(Photo by Sean Gallup/Getty Images)

Five Real-World Tips for Creating Corporate Cloud Policies

Are you creating a new cloud initiative? Want to start migrating users, apps. and workloads? It's time to make some new policies.

With cloud computing taking off at a very fast pace, some administrators are scrambling to jump into the technology. Unfortunately, many organizations are purchasing the right gear, deploying the right technologies, but still forgetting the corporate policy creation process.

One big push for cloud computing has been the concept of “anytime, anywhere, and any device.” More often than not this means allowing customers to use their own devices while pulling data from one or several corporate locations. Although this can be a powerful solution, there are some key points to remember when working with cloud computing policy creation.

After experiencing several cloud deployments, both large and small, I’ve seen some big success factors which help move the process along. The following five pieces of advice can fit into use cases spanning from simple cloud storage projects to entire cloud application and content delivery migrations. With that, if you’re working with the cloud consider the following:

1) Create Champions and Train Your Users

A positive cloud experience often begins with the end-user. This is why when creating a BYOD or mobile cloud computing initiative it’s important to train the user. Simple workshops, booklets, and training documentation can really help solidify a cloud deployment. Within large enterprises, executives will actually create and assign cloud champions. These are people who may be temporary folks from the actual cloud provider who are there full-time to assist with questions, comments, concerns, and even demos. In one large organization they set up several small kiosks to allow employees to test new devices, applications, and interfaces. This ease into the cloud allowed many of these companies to create a much more comfortable and accepting end user. Plus, post-deployment, you have a user that’s much more familiar with their new cloud environment. In turn, you see fewer help-desk calls and more user productivity.

2) Design New Cloud and Device Policies

Although a device accessing a cloud architecture may belong to the user, the data being delivered is still corporate-owned. This is where the separation of responsibilities and actions must take place. Users must still be aware of their actions when they are accessing internal company information. It’s important to create a policy which will separate personal and corporate data. There are a number of ways this can be accomplished. Creating secure application sandboxes on user’s devices is one way to lock down corporate data on non-corporate devices. When it comes to creating a new usage policy, a big recommendation is to actually explain what’s changing and how you, the organization, will be delivering data to user devices. This will help put users at ease when using personal devices. They’ll understand boundaries and how the information is actually getting there. Similarly, if the device is corporate-owned, show the user where usage policies are evolving and how this allows them to be secure and still productive.

3) Allow Users to Get Their Own Devices

One of the greatest strengths of cloud computing is that it can eliminate the need to manage the end point. Some estimates mark the management of a corporate desktop between $3,000 and $5,000 over the life of the computer. Many organizations are creating a stipend program allowing users to purchase their own devices where they are responsible for the hardware. After that, the company is able to deliver the entire workload via the cloud. This can revolve around both end-point and mobile devices. Remember, the whole point of the cloud is to allow workloads to be delivered to any device, anywhere. This kind of agility can allow for dynamic cost savings and more productivity. However, successful deployments of stipend programs work very closely with user training. This is also where a “device champion” can help users understand options, use cases, and how to be most effective.

4) It's Not Free for All. Have Approved Devices

Jumping from the previous point, when creating a cloud policy, it’s important to work around approved and tested devices. If BYOD is the plan, test out a specific set of devices which are known to work with the corporate workload. This should be done during the very initial stages of a cloud deployment. Are you creating an application delivery architecture? Are you designing a cloud app to be pushed down via a browser? Or maybe you’re creating a platform for desktop access and data delivery. The point is that different devices will behave differently given the workloads. It’s important to test this out. One successful way to do so is through a proof of concept. Today, device makers are eager to lend gear to organizations for end-user testing. This means you can create small users test groups and really understand application and cloud behavior.

5) Update General IT and Computer Policies

Almost every organization has a computer usage policy. With cloud integration, it’s time for an update. Devices are no longer sitting on the LAN. They are now distributed around the world. This policy should have a subsection outlining usage requirements, considerations, and responsibilities aimed at both the user and the organization. Remember, this goes beyond a new HR handbook. The new cloud and computer usage policies should define geo-fencing, accessing data which requires a VPN, and even how information is logged/monitored when delivered via cloud. These policies extend the users, your executive teams, and, very importantly, your IT teams. As critical as it is to get the end-user on board, your IT team has to be completely in sync with a cloud deployment. Defining new computer usage and IT policies around cloud helps assign roles, clarify new responsibilities, and how this impacts the overall team.

The reality is simple: having control over your cloud environment will revolve around the amount of time spent planning the deployment. There are many different verticals in the industry and lots of different ways to approach cloud policy creation. Still, the best piece of advice I can leave you with is this: Do your absolute best to align the entire organization. Some of the absolutely most successful cloud projects I’ve been a part of would involve every employee. Information was readily available and would be translated to the user based on their specific role. Basically a “how cloud will empower you” sort of guidance. In turn, you create users, champions, and a productive force firing on all cylinders to push your cloud initiative forward.

TAGS: Cloud
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.