Darin Stewart

A member of the Gartner Blog Network

Darin Stewart
Research Director
1 year with Gartner
15 years IT industry

Darin Stewart is a research director for Gartner in the Collaboration and Content Strategies service. He covers a broad range of technologies that together comprise enterprise content management. Read Full Bio

Coverage Areas:

Cloud Content Management Is Not A Cure-All

by Darin Stewart  |  May 2, 2012  |  1 Comment

I am not yet fully converted to the gospel of Cloud Content Management. The data center is undeniably in decline, but it’s not quite dead yet. Despite the evangelism of cloud-oriented vendors, moving things off-premises is not always a good idea. This is especially true for content management.  Don’t get me wrong. In many cases moving to the cloud is a slam dunk.  Web Content Management is a good example.

Serving up basic web content from an on-premise data center is more-or-less indefensible these days. Devoting scarce resources to the care and feeding of a WCM platform and the supporting infrastructure makes no sense when the content is intended for a broad public audience beyond the firewall. A SaaS WCM solution (as opposed to simply moving your platform to some outsourced hosting environment) can handle the traffic spikes, emergency content changes and platform upgrades that would otherwise consume your staff and frustrate your users. Remember though, basic web content, is the operative phrase here.  This rosy picture starts to break down a bit once your web offerings move beyond brochure-ware.  Tight integration with on-premise backend systems can still present a challenge for cloud solutions.  For example, driving web personalization off of a CRM system can create a powerful web experience.  Integrating a legacy CRM platform entrenched in the enterprise infrastructure with a WCM personalization engine floating around the cloud can be a nightmare.  Sometimes our old plumbing gets dragged along with us when we move outside our own walls.

Then there is the matter of security. Yes, technically this is a non-issue.  If you layer on the right security protocols, ensure the content is encrypted both in motion and at rest and manage access appropriately, keeping your content in the cloud isn’t a whole lot different from keeping it in your own data center down the street.  The big difference is that in your own data center, you’re the only one with the keys.  The Patriot Act empowers the U.S. government to compel any organization to turn over any and all data they may possess, including yours, without informing the data owner that they have done so.  For many non-U.S. companies, this makes the cloud a non-starter. If your content management provider also provides your encryption, your data is effectively wide open to Uncle Sam. Companies like CipherCloud have seized on this as a selling point for their cloud-based encryption services.  Your data may not be in your own data center, but at least you are the only one who can decrypt it.  The government can still demand your data, but at least you’ll know about it. This is more of a concern with documents than public web content, but it is a legitimate concern.

The list of concerns, exceptions and corner cases goes on and on. The point is that while the issues of security and privacy can be addressed in the cloud as well as they can on-premises, the cost and complexity of the solution can potentially outweigh the benefits and savings. What is emerging is a multi-tiered hybrid approach to content management that leverages both the cloud and the data center.  Content is being segregated into two tiers: critical and collaborative.  These broad categories provide a reasonable principle of division for the current state of cloud content management.

Critical content presents either high value or high risk to the enterprises and in many cases both.  It tends to be stable and finalized in its form. Depending on your industry, you may be legally required to declare certain content as critical and therefore subject to compliance requirements and records management.  In other cases, content may be critical simply because of its role in the enterprise. Collaborative content tends to be of “lesser” value and represents a lower risk to the enterprise than critical content.  It also tends to be much more volatile. Collaborative content is meant to be shared.  This can be while the content is being developed and reviewed or as the end result of that process.  At some point in its lifecycle, collaborative content may become critical content.  When this happens there is a well defined point, process and procedure for the transformation. Or at least there should be.  That hand-off can also provide a very nice interface between the data center and the cloud.

The paper free office never materialized.  The data center free infrastructure has yet to materialize.  It may happen, but we are not there yet, especially in the context of content management.  At this point, it is still necessary to look very closely at what you need to do with your content and assess the costs and risks associated with both cloud and on-premise solutions.  Sometimes it makes sense to move critical content into the cloud.  Sometimes collaborative content needs to stay behind the firewall.  Neither approach meets all needs under all circumstances in an effective manner. For now, its best to have a foot firmly planted in both worlds and to keep your options open.

1 Comment »

Category: Collaboration Enterprise Content Managment web content management     Tags: , , , ,

1 response so far ↓

  • 1 Paul Masson   May 3, 2012 at 6:40 pm

    Darin,
    I enjoyed your post, and it is nice to see that not everyone is running wildly into the stratosphere.
    Your points about privacy and separating encryption from storage are very valid. The process approach to classification of data is often overlooked, not to mention within the context of outsourcing data storage.
    Thanks for the refreshing perspective.