Many businesses are already making excellent use of cloud computing to achieve goals like better resource utilization and reduced IT costs. In some cases, the use of IT solutions leveraging cloud computing even allows firms to reduce personnel costs. Despite these inherent advantages, however, some companies still harbor doubts about the appropriateness of a cloud-computing environment for their individual circumstances.
One concern centers on PCI compliance. Some business managers assume that it is simply not possible to comply with all payment card industry regulations if a public cloud environment is being used for any portion of a credit card transaction. This is not the case, however. The PCI itself has already issued guidelines providing advice to companies who use a public cloud environment to meet their IT needs.
IT consulting firms can provide key guidance to firms considering using a public cloud environment in order to accomplish their core competencies. The public cloud is actually an ideal place to enact strong controls to ensure regulatory compliance. Because the cloud itself rests upon a shared infrastructure, compliance and other controls can be built in at a basic level, which will enable companies to take advantage of the costs savings that come from economies of scale.
Another concern about public clouds is IT security. A common assumption is that if a single company using a particular cloud has a breach, all companies using that cloud will also experience security vulnerabilities. Again, this is not the case. Data and policies can be kept separate even when the physical infrastructure is being shared, as in a public cloud model.