Legal challenges of cloud based enterprise 20

672 views

Published on

Presentation given at the "Enterprise 2.0 in Europe" workshop where the results of the interim report of the “Enterprise 2.0 study were presented and discussed with experts
Brussels, 14th of September 2010

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
672
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
9
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Legal challenges of cloud based enterprise 20

  1. 1. Legal Challenges of Cloud-Based Enterprise 2.0 <ul><li>14 September 2010 </li></ul><ul><li>Mike Thompson Headshift </li></ul>1 Enterprise 2.0 study Enterprise 2.0 study
  2. 2. Overview <ul><li>Introduction to Cloud Computing </li></ul><ul><li>Data Storage, Transfer and Jurisdiction </li></ul><ul><li>Security </li></ul><ul><li>Data Portability, Interoperability and Service Continuity </li></ul><ul><li>Service Level Agreements and Liability </li></ul><ul><li>Pricing </li></ul><ul><li>Conclusions </li></ul>Enterprise 2.0 study
  3. 3. What is Cloud Computing? “ Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.” The NIST Definition of Cloud Computing Enterprise 2.0 study
  4. 4. Drivers of Cloud Computing <ul><li>Cost Reduction </li></ul><ul><li>Turning CAPEX into OPEX </li></ul><ul><li>Improved Time-to-Market </li></ul><ul><li>Going Green </li></ul><ul><li>The Future of Cloud Computing - Opportunities for European Cloud Computing Beyond 2010 </li></ul><ul><li>http://cordis.europa.eu/fp7/ict/ssai/docs/cloud-report-final.pdf </li></ul>Enterprise 2.0 study
  5. 5. Conceptually Seductive? From Flickr user tipiro Enterprise 2.0 study
  6. 6. Enterprise 2.0 study
  7. 7. Legal Complications “ In the real world national borders, commercial rivalries and political imperatives all come into play, turning the cloud into a miasma as heavy with menace as the fog over the Grimpen Mire that concealed the Hound of the Baskervilles in Arthur Conan Doyle’s story.” From Storm Warning for Cloud Computing by Bill Thompson http://news.bbc.co.uk/1/hi/technology/7421099.stm Enterprise 2.0 study
  8. 8. Why is this relevant to Enterprise 2.0? Enterprise 2.0 study
  9. 9. Overview <ul><li>Introduction to Cloud Computing </li></ul><ul><li>Data Storage, Transfer and Jurisdiction </li></ul><ul><li>Security </li></ul><ul><li>Data Portability, Interoperability and Service Continuity </li></ul><ul><li>Service Level Agreements and Liability </li></ul><ul><li>Pricing </li></ul><ul><li>Conclusions </li></ul>Enterprise 2.0 study
  10. 10. Where is my data? Enterprise 2.0 study
  11. 11. Finding: Very little public information about data location and jurisdictional issues Enterprise 2.0 study
  12. 12. Overview <ul><li>Introduction to Cloud Computing </li></ul><ul><li>Data Storage, Transfer and Jurisdiction </li></ul><ul><li>Security </li></ul><ul><li>Data Portability, Interoperability and Service Continuity </li></ul><ul><li>Service Level Agreements and Liability </li></ul><ul><li>Pricing </li></ul><ul><li>Conclusions </li></ul>Enterprise 2.0 study
  13. 13. Finding: Data Centre Security most tightly managed, providers adhering to quality standards Enterprise 2.0 study
  14. 14. Finding: Data encrypted in transit but not in storage Enterprise 2.0 study
  15. 15. Finding: Status of data deletion on contract termination unclear Enterprise 2.0 study
  16. 16. Finding: Access control provisions more limited than in on-premise software Enterprise 2.0 study
  17. 17. Overview <ul><li>Introduction to Cloud Computing </li></ul><ul><li>Data Storage, Transfer and Jurisdiction </li></ul><ul><li>Security </li></ul><ul><li>Data Portability, Interoperability and Service Continuity </li></ul><ul><li>Service Level Agreements and Liability </li></ul><ul><li>Pricing </li></ul><ul><li>Conclusions </li></ul>Enterprise 2.0 study
  18. 18. Finding: Customer has limited period of time after contract termination in which to retrieve data Enterprise 2.0 study
  19. 19. Finding: No attempts to address issues of service continuity Enterprise 2.0 study
  20. 20. Finding: Transferring and translating data between providers remains non-trivial Enterprise 2.0 study
  21. 21. Overview <ul><li>Introduction to Cloud Computing </li></ul><ul><li>Data Storage, Transfer and Jurisdiction </li></ul><ul><li>Security </li></ul><ul><li>Data Portability, Interoperability and Service Continuity </li></ul><ul><li>Service Level Agreements and Liability </li></ul><ul><li>Pricing </li></ul><ul><li>Conclusions </li></ul>Enterprise 2.0 study
  22. 22. Finding: Provision of information on SLAs was patchy Enterprise 2.0 study
  23. 23. Atlassian Hosted Services “ ATLASSIAN AND ITS LICENSORS MAKE NO REPRESENTATION, WARRANTY, OR GUARANTY AS TO THE RELIABILITY, TIMELINESS, QUALITY, SUITABILITY, TRUTH, AVAILABILITY, ACCURACY OR COMPLETENESS OF THE SERVICE OR ANY CONTENT THEREIN OR GENERATED THEREWITH. ” From Atlassian Hosted Services Terms of Use Section 12 http://www.atlassian.com/hosted/terms.jsp Enterprise 2.0 study
  24. 24. Google Apps Premier “ Google Apps Covered Services web interface will be operational and available to Customer at least 99.9% of the time in any calendar month (the &quot;Google Apps SLA&quot;). If Google does not meet the Google Apps SLA, and if Customer meets its obligations under this Google Apps SLA, Customer will be eligible to receive the Service Credits described below.” From Google Apps Service Level Agreement http://www.google.com/apps/intl/en/terms/sla.html Enterprise 2.0 study
  25. 25. Finding: Liability limited to amount paid in service fees by customer over a set period of time, redeemable only in the form of service credits Enterprise 2.0 study
  26. 26. Overview <ul><li>Introduction to Cloud Computing </li></ul><ul><li>Data Storage, Transfer and Jurisdiction </li></ul><ul><li>Security </li></ul><ul><li>Data Portability, Interoperability and Service Continuity </li></ul><ul><li>Service Level Agreements and Liability </li></ul><ul><li>Pricing </li></ul><ul><li>Conclusions </li></ul>Enterprise 2.0 study
  27. 27. Finding: Services operated on a monthly subscription basis with a price per user and a minimum number of users Enterprise 2.0 study
  28. 28. Overview <ul><li>Introduction to Cloud Computing </li></ul><ul><li>Data Storage, Transfer and Jurisdiction </li></ul><ul><li>Security </li></ul><ul><li>Data Portability, Interoperability and Service Continuity </li></ul><ul><li>Service Level Agreements and Liability </li></ul><ul><li>Pricing </li></ul><ul><li>Conclusions </li></ul>Enterprise 2.0 study
  29. 29. Conclusions <ul><li>Data Storage, Transfer and Jurisdiction Could impede adoption in highly regulated industries </li></ul><ul><li>Security Not likely to impede adoption </li></ul><ul><li>Data Portability, Interoperability and Service Continuity Could impede in the case of smaller providers </li></ul><ul><li>Service Level Agreements and Liability Not likely to impede adoption </li></ul>Enterprise 2.0 study
  30. 30. Greater clarity and greater trust Enterprise 2.0 study
  31. 31. Enterprise 2.0 study
  32. 32. Enterprise 2.0 study
  33. 33. Salesforce 2008 “ Salesforce.com shall not be responsible or liable for the deletion, correction, destruction, damage, loss or failure to store any customer data.” From Clouded in Uncertainty: The Legal Pitfalls of Cloud Computing by John Salmon http://www.computing.co.uk/computing/features/2226701/clouded-uncertainty- Enterprise 2.0 study
  34. 34. Salesforce 2010 “ [Salesforce.com] shall maintain appropriate administrative, physical and technical safeguards for protection of the security, confidentiality and integrity of your data.” From Salesforce Master Subscription Agreement Section 8.3 http://www.salesforce.com/company/msa.jsp Enterprise 2.0 study

×