A higher educational institution makes significant investments in technology to perform critical functions for the institution. More and more frequently, these technology solutions are provided on a cloud basis, in which the computing functions and the storage and processing of the institution’s data are performed remotely by the vendor. While the cloud-based model can provide significant benefits to institutions, the negotiating team for any institution considering entering a cloud transaction must understand the potential risks and address them up front. Cloud transactions are complicated and require sophisticated business, technology, and legal resources to document properly. This article focuses on three key issues that any institution entering a cloud transaction should consider as it selects and negotiates with a cloud technology vendor.
For purposes of this article, the term cloud transaction refers to a technology outsourcing transaction in which the vendor provides software functionality, database storage, and associated services on a hosted basis—whether in the vendor’s own data center or in a third-party cloud environment, such as Google, Microsoft Azure, or Amazon Web Services. Common elements of cloud transactions include
Benefits of cloud transactions include (a) the reduction of capital expenses and the need for an institution to manage its own infrastructure; (b) the outsourcing of IT management, which can reduce the need for internal IT headcount; (c) the ability to scale flexibly if more resources are required; and (d) the expertise of a vendor whose business it is to provide IT services, which can enable enhanced security and the deployment of innovations more quickly than would be possible in an internally-managed environment.
These benefits are accompanied by risks associated with outsourcing to a third party key institutional functions, such as finance, business intelligence, human resources management, and the management of student information. In order to lay the groundwork for a successful relationship and to mitigate the risks noted above, institutions engaging with cloud vendors should consider the three issues outlined below.
A cloud transaction resembles a marriage—a highly integrated, long-term relationship that must work for both parties in order to work for either one. The most successful long-term relationships begin with the participants’ alignment of expectations.
In the context of a cloud transaction, this alignment can be accomplished by clearly defining what performance means, the consequences for failures to perform, and how differences in opinion will be addressed. Specifically, an institution should document the following points in any cloud transaction it enters.
By entering a cloud transaction, an institution entrusts its vendor to host and manage functions that are critical to the institution’s ability to operate and to fulfill its own obligations to students, faculty, and other constituents. Institutions can and should take steps up front and throughout the relationship to make sure this trust is well-placed. There is no silver bullet to ensure a vendor acts responsibly, but by taking a multi-layered approach, an institution can mitigate its risk and put itself in a position to identify problems before they become full-blown crises.
An institution’s reliance on a vendor to perform key functions creates unique business continuity concerns, particularly if the vendor is unable to perform due to financial problems. Again, a multilayered approach can serve as an effective way to mitigate this risk and to allow for a transition from the vendor’s platform while avoiding a major disruption of service.
The three issues discussed above (setting expectations, trust but verify, and business continuity) illustrate only some of the complex considerations raised by cloud transactions. Each transaction must be evaluated individually based on the nature of the technology and services at issue, the function that the vendor is providing, the data and information that the vendor will process and host, and the unique characteristics of the vendor. To set the table for success, a cloud transaction should be preceded by strong vendor due diligence, documented by an agreement that helps the parties align their expectations, and implemented pursuant to a robust governance process that includes the institution’s exercise of its verification and review rights. By engaging a cross-functional team to perform these activities, an institution can set itself up to enjoy the benefits provided by cloud transactions while mitigating the associated risks.
The views and opinions expressed in this article are those of the author and do not necessarily reflect the official policy or position of The Tambellini Group. To express your views in this forum, please contact Hilary Billingslea, Director, Marketing Communications & Operations, The Tambellini Group.
The views and opinions expressed in this article are those of the author and do not necessarily reflect the official policy or position of the Tambellini Group. To become a Top of Mind guest author, please contact us.
© Copyright 2021, The Tambellini Group. All Rights Reserved.
Higher Education Institutions
Solution Providers & Investors
Get exclusive access to higher education analysts, rich research, premium publications, and advisory services.
Weekly email featuring higher education blog articles, infographics or podcasts.