Of the 42 county councils in England and Wales that were asked, 36 responded. The results showed that 28% of councils used between one and five cloud-based systems and 28% used over 20, while just 8% of those asked didn’t use any cloud-based systems.
The number of systems used differed significantly between councils, from one council only using one cloud-based system to another using in excess of 350. Although not every council provided detail on the type of systems they used, there was a diverse mix, ranging from CRM and ERP platforms to document management and storage systems.
When asked whether they had established and documented measures in place to ensure continued access to their cloud-based systems, including contingency plans and escrow agreements with service providers, 10% had no such measures.
Commenting on the results, Daniel Liptrott, managing director at NCC Group, said: “The benefits of cloud-based systems are well documented, and many organisations rely on them to carry out day-to-day activities. Councils therefore need to have sufficient measures in place to ensure continued access to these systems, particularly in the event that a cloud provider experiences disruption from an insolvency situation. Those taking advantage of cloud need to recognise these inherent risks and take formal steps to ensure they can access their data and business-critical systems if the worst should happen.
“Although many of the councils have some sort of cloud continuity plan, it’s concerning that some councils are not taking action to avoid the potential consequences of losing access to their cloud-based systems and their related data. Further, we have found those organisations that undertake test-runs of these continuity plans are best placed to deal with such risks.
“Having contingency plans in place offers peace of mind that systems can be restored if necessary, meaning that there would be limited disruption to operations if a provider outage were to occur. Escrow agreements, SLAs, direct access to cloud-based systems and risk assessments are all effective ways to ensure this.”
