I understand your point (regarding protection of intellectual property and having a homogeneous and controlled IT infrastructure), but I’d like to add that as a business (disregarding what my employees might like or consider more effective) I am still not in control of anything if my data and applications are somewhere “in the cloud” and I have no control over it. As a company I would be bound to that provider (in this case Microsoft) and would have to pay whatever they require for whatever they offer(good or bad services). A small alleviation would be to have that “cloud” on premise, but I think that that’s highly unrealistic. In this regard, a business is very similar to the plain user in my previous reply.
Also, don’t forget that GDPR doesn’t apply everywhere. That’s just a EU requirement which might or might not be fully implemented, even when required. As I mentioned, there’s no guarantee that your company data is not misused when it’s completely out of your hands. Not even to think about what a security breach or outage would mean and what kind of impact it would have.
Please don’t get me wrong. I’m not trying to spread FUD, but I am general skeptical and trying to think critically. Moving “everything” in “the cloud”, in the hands of one single actor requires a level of trust which I’m not able to provide and introduces single points of failure which I wouldn’t like to have, neither as individual nor as company.
I understand your point (regarding protection of intellectual property and having a homogeneous and controlled IT infrastructure), but I’d like to add that as a business (disregarding what my employees might like or consider more effective) I am still not in control of anything if my data and applications are somewhere “in the cloud” and I have no control over it. As a company I would be bound to that provider (in this case Microsoft) and would have to pay whatever they require for whatever they offer(good or bad services). A small alleviation would be to have that “cloud” on premise, but I think that that’s highly unrealistic. In this regard, a business is very similar to the plain user in my previous reply.
Also, don’t forget that GDPR doesn’t apply everywhere. That’s just a EU requirement which might or might not be fully implemented, even when required. As I mentioned, there’s no guarantee that your company data is not misused when it’s completely out of your hands. Not even to think about what a security breach or outage would mean and what kind of impact it would have.
Please don’t get me wrong. I’m not trying to spread FUD, but I am general skeptical and trying to think critically. Moving “everything” in “the cloud”, in the hands of one single actor requires a level of trust which I’m not able to provide and introduces single points of failure which I wouldn’t like to have, neither as individual nor as company.
Thanks for reading my longest post ever. ;-)