There have never been so many offerings to digitize processes, work and data, so it’s easy to lose track. Especially in the last year, quick decisions had to be made in order to keep companies operational at all. Often, the provider who was most visible in advertising or who was already known through other applications, e.g. in the office area, was chosen. With the large providers, one is also spoiled by the fact that there are all-round packages that are well integrated and usually function reliably due to the backup in the large clouds. For large companies, however, these offerings quickly become expensive, because a license has to be subscribed to for each individual.
Another question is that of data protection. Due to the overturning of the Privacy Shield between the USA and the EU, European companies are in a vacuum in this respect with offerings from US providers. Many left this question out of the equation last year because it was implemented quickly and practicably. However, since the large providers in particular handle everything in their clouds, GDPR compliance is not guaranteed.
Another important aspect of handling the entire work process with communication and document management via a provider is precisely this: the companies bind themselves to one provider with their entire process. If the provider changes its policies, there is nothing the company can do about it. Nor can they do anything about it if the provider regularly increases prices. They are also tied to the content of the offering, and new tools or apps cannot be integrated. The large providers offer relatively comprehensive all-round tools, but do not offer flexible handling of the individual apps or supplementary options.
In the meantime, many companies are celebrating the one-year home office, and even though we miss a lot, we realize that this form of work works. Many companies are therefore also considering retaining this option, even if the lockdown is eventually lifted.
But this step should also be taken with long-term solutions. Many have come to terms with last year’s temporary solutions and are not reconsidering them. But these are associated with permanent, potentially rising costs. And the issues of data security and vendor-lock cannot be taken seriously enough, in my opinion.
The point has now been reached where everyone should match their experiences with their needs, but in Europe it is again imperative to consider that we need to work GDPR-compliant. One possibility would be hybrid working, part of the work takes place in (public) clouds, part in the company’s own data center. But who is capable of managing such a system? Who controls that this work is really done cleanly separately?
Let’s take an example: A smaller company in Germany switched to Office 365 last year in order to be able to quickly use relevant services and communication tools. However, since everything (!) is now run in the Azure Cloud, the company opts for a hybrid solution. Everything relevant to HR, for example, is stored in the company’s own data center. However, this would only be consistent if HR did not communicate via teams, e.g. forwarding documents to employees for processing. As soon as a document is uploaded to Teams, it is in the Azure Cloud. Of course, their data center may be in Europe, that’s even likely, but do you really know? How consistent can one be in separating individual work or departments? How useful is a tool if part of the company shouldn’t really be using it?
There is a solution to these dilemmas! There are GDPR compliant alternatives, these are often even free of charge as they are available open source. The effort to manage them is very similar to e.g. Office 365. Some things have to be integrated first. Some things have to be explained to the employees, but after a short training it becomes clear that the basic processes do not have to change at all, but can. Exactly the tools that are needed can be used.
The advantage is that everything remains under the control of the respective organization. Only those who have been actively granted access have it. Even in a public cloud with a provider in Europe (which actually exists!), the owner of the data remains the only one who can access and edit it. In this way, the hybrid approach can also be pursued without any problems with data protection.
(* All links at the bottom of the article.)
Find out what you really want and need, and get informed. There are alternatives that allow you to work remotely in comfort, but most importantly, full control and security. You have full freedom of choice. Use it.
Chiefeditor of The Cloud Report