Underestimating Legal Pitfalls
The IT organization at a large energy company was moving ahead with a cloud strategy leveraging two public cloud providers for platform-as-a-service (PaaS) and infrastructure-as-a-service (IaaS). All seemed to be moving along well in 2015 as the CIO and other IT leaders pursued technical evaluations, made targeted vendor selections, and began establishing legal frameworks to support the cloud strategy.
"As a large energy company with worldwide operations, we had to consider both company and international requirements around security, privacy, audit and governance," said this survey respondent. "We needed the vendor disclosures and legal points to be addressed in our legal frameworks in order to move forward with enabling our business with cloud solutions."
That's where things fell short. "Our single biggest mistake was underestimating the time and effort it would take to negotiate the cloud legal frameworks with major public cloud providers," according to the survey respondent. Ultimately, the team's persistence and due diligence paid off with successful agreements that met all requirements.
The lesson learned? "Establish clear criteria on what the deal-breakers are, and ensure you have alignment on the risk-benefits," said the respondent. "Allow ample time for due diligence, and ensure the legal frameworks are established before business pressures force you to compromise on key issues."
(Image: estt/iStockphoto)