My nonprofit is in “the cloud”! – What does that mean?

My nonprofit is in “the cloud”! – What does that mean?

Have you recently read an article or attended a webinar where you were told that your data or software had to be in “the cloud”? Worse still, if you weren’t in “the cloud”, then your organization was exposed to all sorts of risks, problems and unnecessary costs?

There’s a reason why a visible mass of condensed water vapor floating in the atmosphere came to be used to describe a particular state of data and software. Like their meteorological namesakes, data clouds can be life sustaining, or they can rain down havoc on your business, wash away your profits, and leave you in a state of emergency.

Let’s take a closer look at “the cloud” so that you are better prepared to deal with today’s technology challenges.

Don’t be like this guy

Not long ago, chatting with a prospective customer about their donor data storage practices, I suggested we step back and look at the organization’s bigger technology picture. “I don’t worry about that,” he replied, “we are in the cloud.”

For the record, “I don’t worry” and “in the cloud” are two phrases that should not be uttered in the same sentence.

Why? Because moving data and software systems into the cloud changes an organization’s technology risk profile, but it doesn’t eliminate risk. If you are thinking that you have nothing to worry about because you are “in the could,” then I suggest that you need to get your head “OUT of the clouds” and keep reading this post.

“I’m in the cloud” … I think … maybe

When someone tells you that their software or data  is “in the cloud”, they are typically referring to the location and means of accessing said software or data. Instead of being installed cloudstorageon computers that are owned and operated by the organization, and located in their offices, software “in the cloud” is owned by another company, located on their computer network, and licensed to the customer organization for remote Internet access and usage. Likewise, data gathered by the software is stored on a database that is located remotely.

The term “in the cloud” has been used for more than two decades as a metaphor to describe the fact that the organization licensing the software doesn’t really know much about the servers or network on which the software is located, or the databases in which the data is stored.

Make sense? Sort of?

For more detail, read How Cloud Storage Works on the howstuffworks website. It is a little dated, but still very good. And if any of these geeky data words are confusing, Third Sector Labs’ Donor Data Management Dictionary is a resource we encourage every nonprofit professional to bookmark.

Why should anyone be in the cloud?

There are pros and cons to using remote, third party data storage and software service providers. But I’m not going to give you a list of pros and cons to compare … that sort of check-list approach would be misleading and a waste of time. You can’t eliminate all technology risk from your organization. Don’t let any high-priced consultant convince you otherwise.

So why should anyone be “in the cloud”? The answer: because it fits the organization’s strategy for managing technology risks.

What are your technology risks?

Many – most? – nonprofit organizations struggle to find, train, and keep qualified technical resources. This is a problem for all industries, but especially for the nonprofit sector, because the private sector and government will typically pay more for the talent. This is the number one reason why so many nonprofits adopt SaaS software, rely on consultants for technology guidance, and look to the cloud for solving many of their technology needs.

That said, you need to understand the risks in the context of your own organization. I’m going to boil them down to five. Your software and data are exposed to all five risks – no matter what. But software in the cloud addresses them differently than software installed on computers and servers in your office. The risks:

#1 – Access. How do your people log in to the software they need? How do they access data? Do you need mobility, or does your organization run from one or two central locations?

#2 – Budget. What does your software cost to obtain? To maintain? To update? To fix when everything crashes? Do you prefer higher upfront costs amortized over a longer period of time (locally installed software) or do you want a relatively fixed budget amount every month (SaaS)?

#3 – Continuity of operations. This covers everything from finding the right software to run your business to finding the right people to maintain your software. Reliability. Stability. Making sure that the lights are on every day, and that your people have the software – and data! – that they need to do their jobs.

#4 – Security. This is a biggie. How secure are your local computers? How secure is the cloud? The Internet? How many stories have we read about banks, retailers, and our government being hacked and sensitive data being stolen? What do we do? I’m afraid there isn’t a silver bullet answer to the issue of security risk. So recognize this: any software system that you access over the Internet is exposed to security risk from hackers. Any system sitting on a server – or data sitting on a laptop – in your office is exposed to the risk of physical theft. If your organization deals with highly sensitive data, like health care, then you need to fully vet this risk, and no single blog like mine can address your concerns properly.

#5 – Storage and backup. You need it. Regardless of the size of your organization, the number of systems, or the location of the software. Make sure that all system data that is necessary for your business to operate is backed up and stored somewhere other than the same location where the system resides.

Making sense with an example or two

So the answer to whether or not your data and software should be in the cloud is “it depends”. It depends on your organization’s risk profile and management practices. A couple of examples should help illustrate this.

A large nonprofit organization may want the security of having their financial systems supported by locally installed software that is not accessible from the Internet, with in-house or contracted technical resources to support these systems. But the fundraising department in that same organization, distributed across many states, may want the accessibility provided by a SaaS CRM, and may look to the newest cloud-based fundraising software to help raise more money. For this organization, the best approach is a hybrid approach – some software remains local, some in the cloud.

A small organization serving a local community may be very happy with their locally installed donor management system, and may not want to expend the time and effort to transition to newer cloud-based CRMs. They work from a single office, and everyone in the office has access to the software. Costs are low. Continuity of operations is maintained.

Both organizations in the examples above, however, need to think long and hard about data storage and backup. Wherever your business software and data are located, you want additional data storage and backup somewhere else. Remember, if you lose the ability to access your software for any reason, you can still run your business if you have the data by restoring it to a copy of the software or migrating it to something new.

Circling back to where we started

Rule number one – don’t let your head be stuck in the cloud. Software and data in the cloud will change the technology risks faced by an organization, but the cloud does NOT remove all technology risks from that organization. You still need to address the risks: access, budget, continuity of operations, security and especially storage and backup.

Rule number two – your data is more important than the software that uses it. Make sure that you can always get your hands on backup copies of the data from all of your business systems in the event of a disaster. It doesn’t matter if “disaster” means a hurricane that wipes out a data center, or an idiot technician that erases the memory on the servers on which your software resides. Both are equally as damaging to your organization.

Stick with those two rules, do your technology risk due diligence, and may all of your clouds be life sustaining.

As always, if we can help you with your data questions, please don’t hesitate to contact Third Sector Labs.



About Gary Carr

Gary is the founder and president of Third Sector Labs. With more than 20 years of experience delivering software and data solutions to a wide variety of clients, Gary turned his attention to the overwhelming problem of data. Third Sector Labs is committed to making sense of data for the nonprofit industry.

Follow Us

Subscribe to Our Newsletter