Cloud computing offers many benefits for the education sector, but there are also barriers to a successful digital transformation. This has not been helped by the lack of comprehensive guidance from the government, leaving schools and other educational organisations to draw up cloud strategies for themselves.

Fortunately, there are now many good examples of best practice to draw on. Schools are successfully migrating to the cloud and reaping the benefits.

For a successful cloud migration, schools do need to have certain conditions in place. This may involve some changes to the existing IT infrastructure and processes. Below I share the key factors that need to be addressed before migrating to the cloud.

Is your school or institution ready for the cloud? Download our worksheet here to find out >

7 key factors for a successful cloud migration

#1: Optimum connections for all areas of the school estate (high-speed network) – this has been a challenge for many schools with both staff and students often finding that the school network is much slower than their home network or public networks in coffee shops and similar.

#2: Define simple and effective procedures for access – for cloud computing to be widely adopted amongst users, and for the school to get the benefits of this approach, it must be easy for users to access the cloud solutions provided. Defining and implementing access procedures includes everything from Identify and Access Management (IAM) to the availability of devices for staff and students to use. IT support is also an important factor in this; perhaps the most frequent IT support tickets service desk providers see from users in the education sector, are for issues with access. Therefore you’ll need the resources in place to reset passwords quickly and resolve any problems with accessing the cloud solutions as users require.

#3: Quality of content and tools – schools need to put in place processes for reviewing the content and tools available, both for operational applications (back office) and educational resources. This process starts with shortlisting cloud applications, testing and trialling them, and then regular reviews to ascertain the educational or operational benefits and ROI. Digital transformation fails when the cloud solutions deployed are not aligned with your users’ needs and preferences.

#4: Compliance and data protection – school leaders need to identify the data that they manage and store, and understand the compliance and data protection implications of migrating data to the cloud. This may involve keeping highly sensitive data on-premise, stored securely using the school’s existing IT infrastructure, or adding different levels of protection and IAM tools for some types of data.

#5: Cloud strategy champions – schools that form a group to define their cloud strategy, monitor its use and promote cloud solutions to other stakeholders, experience higher adoption rates and see greater ROI. Users need to understand the benefits of using cloud solutions, not just for the school overall but also for their own productivity or performance, they need support and training to get the most out of different applications, and they need to see the results so that they continue to use them. Awareness, training and regular reporting all helps to increase cloud adoption.

#6: Service Level Agreements (SLA) – schools also need to define the criteria for the services they require and what their expectations are. Against this they are better able to measure the success of cloud migration, and assess individual applications and value.

#7: Outsource IT providers – finally, schools also need to put in place processes for managing the relationship between them and their suppliers – cloud and IT service providers. This might be the first time the school has partnered with a outsource provider that they rely on for ‘business critical operations’. Working with a private sector company can also be a new experience and so it’s important to outsource your requirement to a provider that understands your needs, culture and the unique challenges of running a school.

I hope you find the above useful. If you would like to discuss any of the information shared in more detail, or get further advice for implementing these measures ready for digital transformation, please get in touch.

Many organisations in regulated industries including legal firms, FSIs and healthcare companies want the benefits of cloud computing but find regulatory compliance requirements so onerous that they’re stuck using less efficient on-premise systems. Understandably companies don’t want a knock on the door from the regulator, or risk damaging their reputation by not protecting sensitive data as they’re required to do.

Is your organisation ready for the cloud? Download our worksheet to find out >

However, increasingly companies that previous discounted cloud computing as not suitable for the regulatory landscape they operate in, are revisiting this option for the following reasons:

Demand from employees – employees want the tools that cloud computing offer, enabling them to be more productive and mobile. For example, when working remotely they want to be able to access IT systems and data in real time. When this option is not available, there is a risk that employees will take shortcuts that could compromise the company’s data, such as by downloading files or documents to their own device.

Competitive advantage – cloud computing can help companies become more agile, not only driving efficiencies and cost savings but also enabling companies to be more innovative. It’s a gateway to technology that can help deliver innovative new products and services, as well as making existing systems more effective and responsive.

Cloud vendors are aligning solutions with the regulatory landscape – some cloud vendors offer standardised solutions to high service standards, others specialise by offering tailored services to meet their customers’ compliance requirements, e.g. for mission critical workloads. It’s also important to remember that companies don’t have to take an ‘all or nothing’ approach to cloud migration, core systems don’t have to be in the cloud although many companies are now moving these as well as services and products.

Challenger startups – for regulated companies, big and small, new challengers offering online services are disrupting the market. These solutions including accountancy and bookkeeping, conveyancing, payment services etc., exist in the cloud and are registered with the appropriate regulatory bodies. Customer demand for services like these is putting pressure on traditional firms to innovate and offer similar online services.

Cloud computing: 3 tips for regulatory compliance

If your organisation wants to join other regulated companies and get the benefits of cloud computing, the following tips and best practices will help you stay on the right side of the regulator.

#1: Data classification

Regulations like GDPR require organisations to understand what types of data the organisation stores so that they can protect it compliantly. Identifying data types will enable the business to decide whether it’s appropriate to migrate some or all of it to the cloud, and if so, how to secure it. Carrying out a full audit of all your data before exploring specific cloud platforms will help you identify the type of solutions you need.

#2: Data location

CIOs and business leaders need to understand the regulations concerning where data is stored and processed. Most specifically when data must not leave a specific geography, such as the EU. Typically cloud providers will host data in multiple locations, in part for disaster recovery and business continuity, but also so they can be competitive. Some might not know exactly where data is stored if they use automated systems for load balancing. It is therefore imperative that you work with a cloud provider that is able to lock data to one location or region, depending on regulatory requirements.

#3: Data security

It is essential that you understand regulatory requirements for securing data, for example some regulations require client-based encryption when moving and storing data. Then explore cloud providers’ attitudes to security. What are their strategies for user identity and access management, data protection and incident response? Consider too what safeguards are in place to prevent data compromise on shared servers: public cloud providers use ‘multi-tenancy’ to keep costs down and optimise server workloads, servers are shared with different businesses.

Ultimately it is not the cloud providers responsibility to ensure your business is compliant, but yours. However, many providers want your business and will work with you to ensure you get a solution that enables the business to get the benefits of cloud computing without falling foul of regulatory compliance.

Find out how we helped a solicitors firm with multiple offices across the South East, migrate to cloud platforms by reading this case study.

We often get asked by companies operating in regulated industries the following questions about cloud services:

“Are we allowed to move services to the cloud? Is it safe? Will this impact on compliance?”

Happily we can reassure you that industry regulators in the financial services and the legal sectors are agreed that cloud computing is safe and doesn’t go against data security and compliance guidelines: provided it is implemented correctly and appropriate controls and policies are in place. 

In 2016 the Financial Conduct Authority (FCA) approved the use of cloud computing. In a published recommendation, the FCA said there is “no fundamental reason why cloud services (including public cloud services) cannot be implemented, with appropriate consideration, in a manner that complies with our rules.” 

Although their recommendations aren’t binding, the FCA does outline guidance on how firms outsource to third-party IT and cloud service providers.

In an article for the Law Society, former Chair of the Technology & Law Reference Group at the Law Society, Dr Sam De Silva says;

“Cloud computing can provide flexibility, enhanced security, better quality services at a lower cost, and improved mobile and collaborative working, but is not without risks. Law firms should feel confident using cloud services, so long as they do so with ‘eyes open’ to these risks. From a contractual perspective, the “devil is in the detail”, so cloud computing contracts need to be reviewed carefully.”

Is your organisation ready for the cloud? Download our worksheet here to find out >

Global regulated cloud adoption 

The FCA and legal regulators are simply catching up with the digital technology that has allowed non-regulated sectors to benefit from cost savings, improved productivity and increased agility for several years. Many regulated businesses like those in financial services are now using cloud services across everything from client lifecycle management to customer relations, analytics, HR, email, marketing and other non-core uses.

Larger banks are working with financial tech (fintech) providers to transition in core areas too, including the use of Blockchain and APIs in payment processing, whilst smaller banks and lenders have already adopted a more agile approach. Some challenger banks, such as Durham-based Atom, are implementing everything from the cloud.

According to the International Data Corporation (IDC), worldwide cloud computing spending in the banking sector is set to exceed $16.7 billion. Professional service firms, particularly law and accountancy practices are set to spend $18.1 billion in 2018. Right now, the estimated compound annual growth rate (CAGR) for cloud service spending is 21.9%, with no signs of a slow down.

The spending report found that: “Even heavily regulated industries like banking and finance are using SaaS for non-core functionality, platform as a service (PaaS) for app development and testing, and IaaS for workload trial runs and testing for their new service offerings.”

Legal sector cloud adoption 

Law firms are embracing cloud computing too. Convenience and accessibility – when working away from the office – and increasingly demand from clients are driving this trend.

Digitally savvy younger clients increasingly expect to use the cloud for a host of different applications. Clio, the world’s leading practice management platform with 150,000 law firm clients found that 30% of clients age 25 – 34 prefer to share documents with lawyers using secure cloud services than traditional ways.

Lawyers too, are also turning to cloud services to store documents and record billable time. It is easier and more accurate to record time spent on work in the cloud than by hand, which is something clients are starting to trust and expect. Cloud services have also proven themselves to be invaluable for lawyers working remotely – i.e. from court or from their clients’ offices – enabling them to access documents and systems securely.

Of course security is paramount in regulated sectors, and one the most significant barriers to cloud adoption has been concerns over security. With the right security solutions and controls the cloud can provide a secure environment for highly sensitive data, as well as enabling companies to meet compliance requirements.

In fact, security is increasingly a key driver for cloud adoption as legacy IT solutions don’t meet the needs of professionals today. On premise legacy IT systems are often a barrier to mobility in sectors where employees often work offsite. This has an impact on productivity if employees can’t access the files or systems they need to work. It can also create an environment where employees take shortcuts and circumvent security controls to enable them work – such as saving documents to their own device.

Cloud services can provide remote workers with a secure environment to work in, increasing productivity and ensuring that employees adhere to security policies.

Cloud adoption is a win – win for law firms, financial service providers and their clients when the right solutions are selected and appropriate controls and policies are in place. Working with a dedicated and trusted IT partner is the best way to identify how you can benefit from the cloud whilst keeping sensitive data safe, and staying on the right side of regulatory compliance.

Get in touch with our team if you would like to explore cloud services in more detail. You may also like to download our case study with law firm Dutton Gregory which outlines how UKN Group supported this company’s transition to the cloud. 

“Cloud based software allows me to offer a level of service to my clients that I would not be able to otherwise provide on my own,” says Sam Imandoust, owner of a small Certified Public Accountant, tax law and professional services firm.    If you’ve been living under a rock for the last few years, you may have missed the impact cloud computing is currently having on the modern business landscape.

“The Cloud” is now an often repeated term in business vernacular. Cloud platforms are becoming an ever more prevalent tool, wisely put to use by businesses of all sizes and models.  Yet even as cloud platforms and related products continue to saturate the market, much is still misunderstood about what specifically qualifies as a, “cloud based,” service and what potential benefits cloud based platforms offer to users.  What follows is a basic dissection of the types of cloud services currently available and how they can be leveraged to benefit your business.

Is your business ready for the cloud? Download our worksheet to find out >

1) What are the three general categories of cloud platforms?

The term, “cloud based service,” can be used to describe an entire range of services with various functionalities.  In order to properly diagnose how and when cloud platforms might benefit your business, it’s important to understand what cloud computing is.  Generally speaking, cloud based services fall under three categories.  These categories are commonly referred to as Software as a Service (SaaS), Platform as a Service (PaaS), or Infrastructure as a Service (IaaS).  There are a broad range of products with specific functionalities within these three categories, but for comprehension purposes it’s best to start with high level concepts and then get more granular.

At its most basic definition, cloud computing simply refers to the ability of end users to leverage large shared resources that can be accessed with ease and efficiency.  In a nutshell, a cloud based platform allows for end users to utilise parts of bulk resources, (such as a shared server maintained by the platform provider), quickly and seamlessly, with a relatively minimal investment of labour.

Cloud platforms usually offer a few common capabilities.  Among these is the ability for end users to sign up and receive services without employing a traditional IT service or setting up their own secure server, the ability to access resources that are pooled/shared amongst all end users, and the ability to access these resources via a standard end-user portal, (such as a laptop or mobile phone).  Cost for use of these services is much the same as a cable or phone bill, with use being metered and charged based on an agreed usage rate.

2) What is Software as a Service?

As a small business owner, Sam Imandoust Esq., (who is also a barrister), will emphatically speak to anyone who cares to listen about how cloud based software saved his business.  “Going with [Cloud Software] was absolutely one of the decisions that allowed me to survive the rough economic times we’ve seen recently.”  According to Mr. Imandoust, the combination of speed, efficiency, security and cost reduction were essential in allowing him to compete with larger competitors that have access to more resources and can leverage traditional infrastructure.

“Cloud computing allowed me to skip the painful and tedious tasks of purchasing, developing and maintaining my own large infrastructure which would otherwise be necessary to support the services I offer to my clients.  Without cloud computing I would be forced to hire an outside IT specialist and additional support staff, then oversee every detail of maintaining and ensuring it continues to function optimally.  I simply would not have the time and resources to commit without sacrificing the level of quality I provide to my clients.”

Software as a service can be defined in the simplest of terms as software deployed over the internet.  A SaaS provider licenses a web based solution to customers as an on-demand service through a paid subscription.  Payment models vary from, “pay as you go,” to ad space agreements or revenue sharing from leads or business the solution might provide the end user.  Some of the common characteristics that traditionally define a particular cloud based program as a SaaS application include allowing web access to commercial software, managed from a central, (presumably off site), location that frees the end user from handling any of the traditional housekeeping chores usually associated with software like installing software upgrades/patches and securing the information via an in house encryption or fire wall.

3) When Should I Use SaaS and When Should I Avoid it?

Cloud computing in general is growing rapidly, and SaaS based platforms especially so.  The reasons for this are numerous, but there are specific business models and unique challenges where SaaS is a better solution than others.  In this section, let’s examine what sort of challenges are best met by a software based cloud solution.

Mr. Imandoust uses several SaaS cloud platforms to provide the best service he can to his clients.  As a tax barrister, he uses a cloud based storage system to securely send, receive and store sensitive legal and tax documents.  The data encryption the server protects his information with is provided completely by the cloud based platform.  This allows him to cheaply, quickly and securely exchange information with clients, court representatives, creditors, or anyone else he might need to send paperwork to via a secure portal.

In addition to file storage, Mr. Imandoust also uses an additional SaaS to provide accounting and tax services over a secure cloud.  This program allows him to quickly do the grunt work of tax filings and calculations, along with any other accounting related services; without having to establish in-house infrastructure to store and secure the sensitive information he handles.

This is a great example of how a small Certified Public Accountant or legal firm might make use of SaaS, but is it right for your business model?  When considering whether or not to employ a SaaS cloud program, there are several common instances where SaaS makes the most sense.

i) The most obvious and most commonly used SaaS would be any cloud based email platform.  There are numerous platforms to choose from, but one might look to Gmail or Microsoft Outlook/Exchange as two common and well known examples.  In 2014, email platforms such as these are really more of a basic need in order to do business rather than an avenue to pursue any sort of competitive advantage.

ii) Anytime your business model requires significant online interaction between your organization and the outside world.  Our discussion about Mr. Imandoust’s use of a secure cloud based file sharing program to send and receive sensitive documents to and from his clients is a perfect example of this type of solution.

iii) If your business requires mobile access to a database that can be shared quickly and easily amongst all employees.  A CRM, (Customer Relationship Management), program used to build and track your organization’s sales and marketing pipelines are typical examples of this type of need.

iv) Project collaboration – If you’re building out a specific short term project where the contributions of many are required.

It’s clear that software as a service can offer a wide range of benefits to nearly any business regardless of size or model, but it is also important to recognise its limitations.  Just like a hammer or a saw, cloud based software is a tool.  Tools are better suited to some purposes than others.   For certain tasks, cloud based software is less than ideal.

If for example, you require a program to process large quantities of data extremely fast in real time, you’re likely better off with a traditional software platform and a local server to send and receive data.  Another caveat would be anytime you do not want data hosted or stored externally.  Perhaps the nature of the data is extremely sensitive and because of this it is determined that it would be preferable to set up traditional infrastructure with very stringent security protocols to limit risk of exposure.  A smaller server with fewer users usually means a smaller incentive for would-be hackers to attack your system.  Huge cloud storage servers such as those provided by an international conglomerate are understandably a more visible target for those who would seek to gain access to a company’s sensitive data.

Depending upon your industry, your company also may not want to host data externally because there might possibly be some industry specific legislative regulation against it.  This quite obviously depends on what type of data you’re storing and what nation(s) your company does business in.

Lastly, a savvy manager understands that a simple solution is usually the best one.  So, if your on-site solutions and programmes are already optimal to complete the tasks and functions you require, don’t complicate things by incorporating additional programs that are unnecessary.

Now that we’ve seen how software as a cloud based service can improve efficiency and productivity while simultaneously lowering cost; let’s explore another general category of cloud based services.

4) What is Platform as a Service?

Software as a service is usually what casual technology users associate with the term, “cloud based services,” but in fact that’s merely the tip of the cumulus.

While the line between Paas and IaaS continues to become ever more blurry, it is still important to understand the subtle distinctions as one wades into the cloud for solutions.  At a most basic level, one might view PaaS as a sort of blending between software as a service and infrastructure as a service.

PaaS put simply, is a series of cloud based tools used to create/put into use customised applications quickly and efficiently, with very little of the traditional infrastructure which would normally be required to support it.  It’s a set of tools and programmes designed to make the task of coding, developing and disseminating new or custom applications quick and efficient.

To put it even more simply, PaaS functions as a cloud based application in essentially the same ways as a Saas, the only difference being that Saas is software as a service delivered over the web, and PaaS is a platform for the creation of software delivered over the web, (like buying a car vs. buying an assembly line to build your own car).

Jeff Fenster, the Owner of JFEN Holdings, swears by PaaS cloud functionality.  He uses everything from content creation, to native advertising and instructional videos to help bring awareness to the products and services.  According to Mr. Fenster, the reach, customization and efficiency PaaS programs provide his business is an absolutely essential component to his success.

“[PaaS] allows me to organise and functionalise all the unique data I collect, or my clients collect to help me gauge how effective a particular marketing campaign might be.  I can take the data I’ve collected and stored on a cloud based server, then build out an app in close collaboration with my clients, without any knowledge of coding or programming, (here he adds a “thankfully,” with a look of relief), that allows me to disseminate and make sense of the data collected, then share that data with my clients securely in a way that is easy to digest.  This functionality also allows for seamless interaction between myself, my clients and their target demographics.  Additionally, [my PaaS] gives me access to thousands of custom apps already created and shared by fellow users/independent software vendors that I can buy or exchange via a secure cloud based marketplace.”

The high functionality of cloud based PaaS is a truly valuable tool for those who would seek to turn ideas or unsorted data towards useful application.  Many PaaS programs allow the user to create and share ideas/collaborate on campaigns or create social media platforms so that employees and clients can stay in touch and collaborate instantly no matter where they are anywhere across the globe.

PaaS platforms can build apps to handle a specific task or individual function, all with a few clicks; without the need for IT resources or infrastructure.  One can automate key business processes, design page layouts for websites, create reports, all in minutes and deploy them instantly across any device within a given network.

While there are a multitude of different providers of this type of platform, they all center on some common characteristics and functionalities.  Generally speaking, PaaS platforms are web based creation tools that help users create, test, edit and disseminate different user programs and applications.  These applications usually offer some level of infrastructure support so that applications that are deployed are easily scalable and make efficient use of available resources.  A good PaaS will also include a system to make collaboration around development and delivery seamless and simple.  Think of a good communication tool like a closed social network, only available to those with a hand in development of a particular project or application.  Finally, PaaS programs will usually also offer a system or apparatus to allow your business to handle billing or subscription issues related to an apps dissemination and use.