Know the key legal and security risks in a cloud-computing contract

02.04.2013

If your data is no longer in a format your company natively uses, you'll want to be sure it's in some type of industry standard format that will make it easy to convert or use.

"Make sure you're not held hostage where they charge you an exorbitant fee for getting your data back," Petersen said. "Also, look for some kind of cooperation and assistance from the vendor in getting your data out. [And] make sure there's an agreement around what they can or cannot destroy."

It's particularly important to know whether a vendor plans to destroy data after a certain time, particularly if that data has the potential to be used in litigation with a client and might be placed into a legal hold status.

Limiting risk

Because you're giving over control of corporate data to a vendor, it's important to define basic communications processes. Ensure there's some well-defined process around notifying you when a vendor makes changes to their infrastructure that may effect your data. And request that there be periodic, structured meetings scheduled with the vendor between executive-level employees so that you can head off any surprises.

Zur Startseite