Without a Cloud Compliance Strategy, Businesses Can Quickly run into a Cloud Disaster


Covid-19 has forced many businesses to expand their use of cloud services considerably, including the short-term use of services that were previously unthinkable for good reasons or due to various types of resistance.

How can this situation be managed appropriately—in other words, how can the use of cloud services be initiated but also ended quickly and with minimal risk? In any case, the question “Is this use case and this cloud service the right one for us at this time?” is always going to be complex and difficult to answer.

In reality, a suitable implementation is only possible if all stakeholders (Business, IT, INFOSEC, CxO, GDPR, Legal, Purchasing, Finance) are included in a multi-phase, iterative and transparent decision-making process in a timely manner. This process may be more laborious today than it used to be, but any other approach leads to a high risk of unprofitable investments, unused cloud framework agreements, worthless use cases, security breaches and reputation loss, and operative problems.

A pragmatic but efficient Cloud Compliance Strategy that takes the entire process of cloud service integration into comprehensive consideration is the only appropriate way to reasonably ensure survival in a hybrid multi-provider environment.

We are currently implementing this concept successfully for some of the largest Austrian companies in the transport, energy, hospital, and insurance sectors.


Dr. Tobias Höllwarth is an associate at Sourcing International.