In January, we wrote about making cloud computing a New Year’s resolution to meet the ever-expanding cybersecurity challenges of 2021, driven by the growing adoption of remote and hybrid work options and the vulnerabilities of outdated legacy IT infrastructures. It’s been five months. If you made the decision to move your firm’s IT infrastructure to the cloud, now what?
For many firms, the next decision is whether to manage their cloud in-house or outsource it to a cloud service provider. This comparison of the two options can help reveal which one is the right choice for your firm.
In-house cloud management
In-house cloud management requires an investment in both staff and enterprise resources. In addition to the cloud provider, such as Amazon Web Services (AWS) or Microsoft Azure, there are myriad other hardware and software costs required to support and secure the infrastructure. There are also facility costs to ensure redundant power sources and physical security of the servers.
A common mistake when deciding what computer products to buy is not planning for growth. Once resources are purchased, it can be extremely difficult and impractical to add more storage, newer products or smarter software.
Hiring an in-house IT staff is also an expensive endeavor. According to PayScale, the average salary for an IT manager is $88,768 per year. The alternative is assigning responsibility to an administrative employee to handle the wide range of functions required of an in-house cloud solution. The critical tasks include:
- Performing regular system backups and software updates
- Adhering to relevant compliances
- Staying current with the latest software solutions, security patches and applications
- Routinely checking server logs and monitoring performance to resolve issues before they become problems
- Troubleshooting problems when they occur
- Getting the system up and running quickly when something goes wrong
Ideally, a firm would need more than one IT technician to both (1) manage the complexities of a cloud infrastructure and (2) master and maintain the elevated degree of knowledge in areas such as security and compliancy that is demanded by the types of data CPA firms store in their networks. Plus, who will perform these function when the designated IT staffer is out sick or on vacation?
Outsourced cloud management
Outsourcing the cloud management function to a fully-hosted service provider – meaning data plus applications, environment, emails and security – addresses many of the challenges that come with an in-house DIY solution. It eliminates the significant capital expenses for hardware and upgrades, and reduces costs by curbing the demands of maintaining an IT infrastructure.
A CPA firm’s workforce and IT requirements often fluctuate in size and seasons. A cloud hosting service offers network scalability that can be tailored to a firm’s changing requirements. IT resources (hardware and software) and network users can be added or removed without wasted investment or time to scale.
Using a cloud hosting service can also eliminate the complexities involved in adhering to government and industry regulations. Accounting firms will want a provider that not only supports Service Organization Controls (SOC 1 and SOC 2), but also understands the details and demands of other regulatory compliances relevant to the financial industry, including the Gramm Leach Bliley Act, Sarbanes Oxley Act, Bank Secrecy Act and Payment Card Industry Data Security.
When it comes to the risk of cybercrimes like phishing and ransomware, secure cloud hosting greatly minimizes threats to a firm's software programs and data files. Many cloud hosting providers also offer a secure portal for clients to connect and share information with the firm.
Finally, the transition from your current infrastructure to a fully-managed cloud hosting service should be efficient and seamless with a provider who can build your new system to replicate your current one as closely as possible. When your firm moves to the new system, workflow disruption and your staff’s learning curve should be as minimal as possible.
Questions to consider
When choosing a data hosting provider, here are three questions to ask:
What is the provider’s rating? The Telecommunications Industry Association (TIA) has a globally-recognized standard ratings system that covers the infrastructure and all other aspects of a mission-critical data center, such as the site location, architectural and physical structure of the building, electrical and mechanical infrastructure, fire safety and physical security. Two key areas they evaluate are “redundancy,” referring to the duplication of critical components or functions of a system, usually in the form of a backup; and “uptime,” meaning the percentage of time a computer is operational (versus “downtime”). The lowest Rated 1 level is given to the simplest form of data centers, basically warehouses with power, no back-up redundancy and limited protection against physical events like fires and flooding. Conversely, the top Rated 4 level is given to data centers designed to host mission-critical servers and computer systems. Redundancy is applied across the entire data center, including both computing and non-computing infrastructures such as cooling, power and internet providers, and has an uptime of 99.995%.
What does the monthly fee include? You need to beware of hidden costs. Does the monthly fee stay the same regardless of your infrastructure’s capacity needs or does the rate go up as resources are added? Is technical support included in the monthly fee, and if so, is there a monthly limit to the number of hours? What else could change your monthly rate? Examples include add-on charges for things such as CPU, RAM/memory, inbound/outbound network traffic, and the number of applications hosted.
Does the managed hosting provider have a Service Level Agreement? Commonly referred to as an SLA, these are contracts between the service provider and the client that articulate quality expectations, response times and service responsibilities.
For CPA firms, the right cloud hosting provider offers several advantages:
- Typically, is less expensive then owning and operating an in-house cloud solution.
- Eliminates the distraction and frustration of dealing with time-consuming IT issues.
- Minimizes the threat of cybercrime.
- Manages the complexities of adhering to regulatory compliances for the financial industry.
This comparison is a good starting point for firms who made the New Year’s resolution to migrate to a cloud-based IT infrastructure in 2021. To learn more, the non-profit Cloud Industry Forum offers this list of criteria to ensure you select the right cloud service provider.
Coaxis is an endorsed program for the FICPA that provides CPA firms with a fully-hosted and managed network solution designed to remove the complexities of federal and industry compliances, curb the demands of maintaining an IT infrastructure, and greatly minimize the threat of cybercrime. Its private, single-tenant data center is built, operated and maintained to the highest level Rated 4 standards, meaning it has no single points of failure, allowing for continued operations despite the occurrence of any unplanned activity. The company’s services are also compliant with GLBA, HIPAA HITECH, CJIS, and an Industry Audit SOC 2 Type 2- Unqualified Audit Opinion. To learn more, visit www.coaxiscloud.com/ficpa or contact Lisa Bryant, executive vice president of corporate development, at (850) 391-1022 or firstname.lastname@example.org.