Cloud Accounting Practice Management Small Business

Business Data Storage in the Cloud

Written by Joanie Mann

The term “cloud” has been applied to all sorts of online or Internet-based application models, and there are a great many approaches to developing cloud-based services and solutions. What this translates to is a volume of options and possibilities for information storage, management, and access in the cloud.Data Storage in the Cloud

Understanding where information is stored, how it may be accessed, and how it might be transmitted to others becomes essential knowledge that business owners should have when they engage with any information technology (IT) solution or service. Yet the plethora of “simple, affordable, and instantly gratifying” services currently available on the web all but ensure that businesses will engage with one or more solutions that provide them with little or no information (much less control) over the placement and management of their data.

It Used To Be So Easy

With previous technology models – those that are rapidly becoming “legacy” in the minds of technology professionals – data management and locating business data were fairly straightforward. It was all right there . . . on the hard drive in the server, and the backups were stored on tape. All of it was either in the office server room or closet, and perhaps a backup tape was rotated “off-site” on a weekly basis (off-site often meaning a drawer in the home of the business owner or IT manager). Most businesses felt their information was as secure as it needed to be, and as long as the tape drive was functional, the backups would work just fine.

With remote and mobile computing leading the charge, businesses are now finding that information – data in a multitude of forms and formats – is being replicated, synced, copied, and ported around like it’s everybody’s business. For reasons of simplicity and enabling workers to get work done without having to bother the IT team (bother = consult, in most cases), valuable company information is wandering around and through numerous networks and systems, often without the user even realizing it. It’s just that simple – which makes it pretty scary, too.

Data Storage in the Cloud Makes It More Complicated

Even though hosted applications, software as a service (SaaS) solutions, and cloud server hosting offerings are all built from actual computers in actual networks, the ubiquity of the cloud in many ways obscures the view into where services and data storage are actually provisioned from, often removing the ability of the business to understand at any given moment exactly where information may be stored.

More concerning is the practice of developing application and data integrations, which may benefit customers, but which are introduced without the customers being given the choice of sharing their data with another system or not. A “connected ecosystem” of applications and services can provide some of the benefits that legacy enterprise resource planning (ERP) and similar frameworks provided, and may even provide customers with a modicum of choice in terms of selecting integration partners or providers. Quite frequently, however, data sharing occurs without customer knowledge or specific consent, challenging even the most capable IT and risk managers.

Know Where Data Is Now and Control Where It Goes Later

Data management in a cloud and mobile computing business is a challenge that isn’t going away. And it’s not enough to simply know where the data is stored; it’s essential that the business understand the possibilities for accessing the data – by users, by other systems, and even by other cloud-based applications – in order to quantify and manage the risk associated with business data storage in the cloud.

The best way for a business to approach the problem is to:

  • Establish a set of questions for each provider,
  • Understand each provider’s security policies and certifications, and
  • Delve deep into the service-level agreements to ensure the specific services and coverage a business needs are included.

Additionally, knowing what information is available for access to mobile users and devices is essential. Device and access (mobility or bring your own device [BYOD]) policies should be in place, and adherence should be monitored closely to help ensure protection and privacy of business data.

It’s not enough to simply assume that data is secure and users are following policy. Businesses must take active steps to ensure their users and service providers alike are meeting the established requirements to keep business information in the cloud secure.

image  Make Sense?



© 2014 by Joanie Mann


About the author

Joanie Mann

Joanie Mann is a recognized authority in the areas of ISV cloud enablement and ASP service delivery, providing consulting services to platform and hosting providers establishing service models oriented toward small business customers. Her extensive work with accounting professionals worldwide has positioned her as an expert consultant and advisor to practitioners looking to leverage cloud accounting solutions, web-based applications, and Internet technologies in their firms and with their clients. Joanie is the author of Cloud Computing Explained for Normal People. You can see Joanie’s blogs at:,, and


  • Good article and should stimulate people to consider what data security means to them. As I see it ‘the cloud’ has yet to offer the same ‘I can sleep soundly’ surety that traditional on-premise backup solutions provide. Having said that many people are entirely happy with that, which is absolutely fine, people define their own standards.
    Not often mentioned are two other points that relate:
    1. Business security. How financially secure is the company that you trust your data to, what is the remedy to recover your data should the cloud provider get into financial difficulty and
    2. If you are able to recover your data from a cloud provider is it in a format that is re-usable? Can it be ported to another application?

Leave a Comment