ofyourmailbox,sothings
arenevercompletelyout
ofyourhands”
It’s clear that moving services into the cloud can work wonders for a business. If you fit into the expectations of the marketplace then migrating is a slick, smooth process providing plenty of benefits.
It helps to be a history-free start-up, though. If you have lots of baggage, or lots of internal procedures built on structures that are out of favour, then moving can be a bigger deal. That’s why the big brands are no longer pushing an all-cloud mindset. Both Microsoft and VMware have recently stopped talking about pure off-premise cloud resources, and are talking about “hybrid” cloud instead.
If you haven’t encountered it, this is a rather loose term for a system that ties together your old on-site kit with your new off-site cloud portfolio. If you’re not sure whether you need to think about a hybrid solution, a good place to start is to
determine how much email you need to store. Ignore the advertised upper limits for online cloud-based email storage: providers will happily quote the sky as the limit, without addressing the question of how long it might take to actually upload all your data. One client of mine paid handsomely for one of the leading cloud services. Then they started trying to work out how long it would take their 23TB email archive to transfer at a rate of about six messages a minute. One wag estimated the completion time at around 30,000 years.
In fact, I’d say the breakpoint appears to be about 10GB. While this might sound a lot, if you’ve been in business for some time, you may have got there without trying very hard at all. On my own, I’m on about 6GB, going back as far as the year 2000. Once you reach that sort of level, hybrid starts to look pretty attractive, especially when you factor in the huge collapse in hardware costs since the days when Exchange 2003 ruled the roost.
It’s also a good idea not to bet everything on an unscrupulous hosting provider that might be keen to get you into a position from which it’s difficult to leave. Look at the skills market nowadays – the demand isn’t for old-school Exchange administrators; it’s for digital presence administrators, schooled in the technical and contractual aspects of moving away from a flaky or difficult provider. I’ve had clients that have tried, and left, three different hosted-email companies.
To be clear, now that the hosting business has settled into an observable, understandable pattern with known strengths and weaknesses, my advice is certainly to embrace hosted email. Just don’t keep it as your only option. Invest in another domain, or set up some more complicated split between on-premise and off-premise services. Don’t let the cloud be your only basket for increasingly important emails.
TheexpertviewSteveCassidy
ABOVEHosted email lets employees keep in touchfromanydevice, with no need to install and manage dedicated client software
The NetworkCheatSheet
@ P C P R O F A C E B O O K . C O M / P C P R O■A privacy policy? What’s that then?
Simply put, a privacy policy is a statement published on your website that provides details on the information you collect about those who use that site, who gets access to this information and the purpose for which it will be used. You know – the “we may share your information with third parties for marketing purposes”, or “we never sell your personal information to anyone” stuff. Exactly what goes into this policy will depend on the applicable law covering the website in question.
■Does my site really need one?
In this post-Snowden world, there’s far more understanding about online privacy than there used to be – and more paranoia too. According to a recent YouGov survey, some 72% of UK consumers are concerned about their private information online (see pcpro.link/250cheat). Placing a link from every page on your site to your privacy policy can go a long way to reassure potential customers and clients. Think of it as a declaration that you take privacy seriously.
■No, I mean: does the law say I need one?
A data-protection notice is required by law for any UK-based website that collects personal data – including email addresses, for example – unless the purpose of that collection is obvious and apparent. In effect, this is a privacy policy statement, since it includes details of who collects what and for what purpose.
In the US, there isn’t a federal regulation covering privacy policies, although the Federal Trade Commission does prohibit unfair or deceptive marketing “practices” and so most US website owners publish a policy to avoid falling foul of this. There are also federal laws, such as the Children’s Online Privacy Protection Act (COPPA), which require a privacy policy for information about, or targeted at, children under the age of 13.
■What about cookies?
EU E-Privacy Directive Article 5(3) requires “prior informed consent” for cookie storage and access, so simply including cookie details in your privacy policy isn’t enough. That’s why you get those pop-ups when you visit a site for the first time. However, explaining what cookies are and how the user can opt out of them makes things clearer for your visitors.
■Another necessary evil then?
If you’re thinking of a privacy policy as a “necessary evil” then you may need to rethink the way you do business online. It isn’t a necessary evil – it’s just necessary.
■So how do I go about creating one?
A good privacy policy should be understandable by everyone. In fact, a good privacy policy should be designed in the same way as your website: easy to access, intuitive and welcoming. But don’t oversimplify, because your privacy policy is also a legally binding statement. Don’t claim “we will not share your information with any third party” unless you’re sure of that fact. What about your hosting company, for example? Or what about the advertising system and payment processors you use?
So while legalese is to be avoided, it makes sense to have your draft policy checked by a data-legislation-savvy lawyer to ensure you haven’t made any silly mistakes.
■What about using one of those free templates from the interweb?
Don’t. There’s no such thing as a perfect one-size-fits-all solution; when you think about it, how likely is a templated policy to perfectly fit your business practices? And can you be certain it won’t expose you to potential legal potholes?
■Okay, I’ve got it. So once I’ve done all that I can forget about it?
Absolutely not. Although the point is often overlooked, a privacy policy is only any good if you adhere to what it says. Your statement of intent needs to be backed up by a commitment to enforce it. Work with those responsible for your data security positioning to ensure that they can deliver on your privacy promises. Remember, too, that your privacy policy has to be dynamic, and will need to be updated if your information collection practices change.
Cookie A text file stored on
your device (via the web browser) and accessed by a server, enabling websites to remember information such as user preferences and site navigation memory.
DPA The Data Protection Act
(1998), which determines how data may be “processed” in the UK.
EC Directive Used as a blanket
term to refer to the EU Privacy and Electronic Communications Regulations that cover the collection and use of personal information online.
Processing The collection,
recording, transmission or use of data collected. Even deletion is counted as processing.