Cloud Computing for Charities – A Value Proposition
We recently hosted "Getting Ahead in the Charity Cloud"; an interactive charity IT roundtable event
led by a panel of industry experts.
The panel included Richard Cooper (Director of Programmes, Charity Technology Trust), Andrew Brenson (IT consultant and former Head of IT, Save the Children), Databarracks' Peter Groucutt (Managing Director) and representatives from some of the UK's largest charities.
A hot topic of the day was the conflict IT professionals experience when debating a move to cloud services. What is the biggest deciding factor - cost or security? It quickly became apparent that this is a decision that plagues many managers working within the charity sector, and the attendees of our event were no exception. Due to their nature, charities handle a lot of sensitive data - making security a high priority. However, due to the tight budgets IT teams face; we have found that cost is a major consideration in any business decisions made within charitable organisations.
Data security is understandably a big concern for a lot of customers we work with, and this was very evident at the roadshow. With recent data loss scandals from the likes of the NHS and local councils, the question on everyone's mind was: how do you protect your customer/donor data if it's not stored onsite? For many, the idea of cloud services conjures up scary thoughts of your data suddenly being in the public domain, free for anyone to access. But, as some of the more experienced cloud users flagged, this is not the case if you undergo the correct due diligence. Partnering with a reputable Cloud Service Provider (CSP), with the relevant security accreditations, will limit the risk of security breaches.
Advice from Andrew Brenson focused strongly on knowing where your responsibilities lie. Reading the terms and conditions of your contract is crucial - even if your data is encrypted, this means nothing if you don't hold the encryption key. As we have often said, security breaches rarely stem from technical faults, they are usually down to human error. By implementing tight controls and processes, you'll limit the risk of a damaging data loss.
The flip side to this argument was the cost involved in deploying cloud services. The budgets of NGOs and charities are tighter than ever, and IT professionals are struggling to do "more and more, with less and less". Due to this, the concept of a community cloud was an idea that many charities at the event were open to and have considered; sharing a pool of resources and therefore sharing costs. Many charitable organisations highlighted very seasonal fluctuations in their demand, usually triggered by particular events or campaigns. This means for a large proportion of the year their resources sit unused, suggesting that a shared platform for charities would be extremely useful in cutting costs and reducing wastage. While this is a great idea in theory, it doesn't come without its problems.
As experience has shown, a community cloud is particularly good for sharing resources that are common and generic. Keeping the process as simple as possible is essential in maintaining viability. Problems may come in, however, when one organisation within the community wants to develop a certain service more specifically. This complicates things in terms of processes and payments.
There is no simple answer to cloud services. A lack of definitive answers was the overwhelming consensus from most of the attendees. Most IT professionals we speak to are aware of cloud services, and are even aware of the benefits and risks associated with them. What they seem to be crying out for is more guidance on how these relate to their organisations specifically, and where they can go from here.