IT Law

Away In The Clouds – Outsourcing You Organisation’s IT?

IT outsourcing is the transfer of information technology processes or services by a customer to a third party supplier, instead of the customer performing the IT functions itself. The term encompasses a wide range of specific types of transaction, each with their own distinct set of challenges and issues. The contracting for each type of IT outsourcing must be carefully considered by customers, suppliers and their respective advisers in order to reach a good deal for all, both at the commencement of the transaction and as the technology matures and evolves over the transaction’s term.

Why do companies outsource IT?

There are a number of reasons for outsourcing your businesses IT, including:

  • you do not currently have an IT department or your IT department is under-resourced
  • your IT department lacks data skills in certain areas
  • often outsourcing is more cost-effective than running an in-house team
  • you can focus your resources on your business and forget about IT issues (to an extent)

What is the most common method used for IT outsourcing at present?

The most prevalent trend in IT outsourcing at the moment is cloud computing.  Many enterprises will turn to cloud computing as a standalone outsourcing, or as part of a larger outsourcing, to save money, reduce the need for capital expenditure in, and ownership of, hardware and infrastructure and increase flexibility and responsiveness.  

What is cloud computing?

Cloud computing refers to contracting with a third party supplier for the delivery of IT services over a proprietary network or the internet. The 'Cloud' refers to the virtualisation of the equipment and infrastructure in the underlying data centres located throughout a territory, often all over the world, that offer seamless access to the data as cloud services.

Clouds can be public, private, virtual-private and hybrid.

Are their risks associated with cloud computing?

Unfortunately, yes, as many celebrities have found out.  A number of female actresses and singers, including Taylor Swift, have had their cloud accounts hacked into and personal photos and information stolen.  

If my company’s data is stolen or lost, who is liable?

If the cloud solution is configured to a set standard of security, and utilises shared infrastructure and the public internet, the supplier may look to exclude or limit liability for data losses, certain security breaches and regulatory fines. If this is the case, you will need to carefully assess the risks in light of the particular circumstances and consider whether an alternative solution (for example a bespoke private cloud) may be more appropriate.  

Often clients who outsource their IT services to a third-party using cloud computing, they experience difficulties with reconciling their policies and procedures with the supplier. While a traditional, or dedicated, outsourcing will generally allow the customer to dictate the policies which a supplier must comply with (eg security, access and data protection), the supplier of a standard cloud service is likely to have its own standard policies that apply to all customers on the platform. You will need to evaluate whether these standard policies satisfy your own business requirements and, if not, negotiate with the supplier to come to an arrangement that satisfies you both.

To find out more about the legal aspects of outsourcing IT, you can search for a solicitor through Solicitors Guru today.

Thanks for your feedback!

Share on social media :

Google+ Twitter Facebook
Thanks for your feedback!
We will review it shortly.