Construction in the Cloud

For construction contractors who spend a great deal of time in the field, having access to important documents and software programs on demand from any location can help them run their businesses just as easily as if they were in the office every day. That’s why many contractors are making the move to “the cloud,” which means storing all data and software in a third-party location so that it can be accessed via the Internet rather than storing the information on servers at company facilities.

The American Institute of Architects and ConsensusDocs – a collection of standard construction contracts – are working to provide shared online access to their proprietary contract-drafting software programs, and many popular estimating and project management tools are now, or soon will be, available on cloud-based platforms. This trend towards Internet-based access to software and data is viewed as an easy way to reduce IT costs while facilitating collaboration and improving access to information in the field.

Undoubtedly, there are great benefits to cloud computing. But there are risks, too, and any company looking to take advantage of cloud computing needs to carefully consider the implications of giving a third party control over important business information. The following are some of the key questions to ask before you consider moving to the cloud.

Information When Needed?

You might assume you are not relinquishing ownership of your data by choosing to store it in the cloud, but the reality might surprise you. What happens if a billing dispute arises and you fail to pay for the services? Can the provider hold hostage your critical data? Because the law has not necessarily kept pace with the development of this technology, the answers to these questions are likely to depend on the language of your contract with the service provider. Unfortunately, most standard contracts do not favor the customer in this situation, and many providers are unwilling to negotiate contract terms with all but the largest of potential customers.

Ownership questions also arise in the context of legal proceedings. Information stored in the cloud – especially things like email and project correspondence – may be relevant to pending or future litigation or be subject to subpoenas or court orders. You must ensure that your data can be readily accessed when necessary and that the data will be properly preserved until it is needed. Most cloud services are not designed with this in mind, and few providers are willing to undertake such an obligation. This makes it even more important that you maintain unrestricted access to your company’s data, along with the ability to move it to a secure location in order to comply with any obligations that might arise in the event of a lawsuit.

Should We Entrust Sensitive Files?

Data security and privacy are among the most important issues that arise in the context of cloud computing. If you intend to store sensitive or confidential information, like estimating files or project cost data, you must ensure that your cloud service provider is as concerned with protecting your trade secrets as you are. Although in most cases a reputable cloud provider’s servers will be far more secure than the ones sitting in a closet at your home office, your data is far too important to simply assume this is the case. Since providers may offer different levels of security for different types of customers, find out what level of service you are buying and how the data center is equipped to deal with natural disasters and the like. Get this information in writing to avoid disputes down the road.

If the data you are storing in the cloud includes personally identifiable information, like that found in payrolls or other employment records, you must be aware of privacy laws and the potential liability that could result in the event of a security breach. For instance, most states have enacted laws requiring that affected individuals be notified of any security breach involving unencrypted personal information.

If your business is international, you must be aware of the more restrictive data privacy laws that exist in the European Union and Canada, among other places. These limit the type of personal information that may be saved and who can access it, and provide severe penalties for noncompliance. If your company does business in Canada or in Europe, you would do well to consult with a lawyer familiar with international data privacy laws before moving to the cloud.

Where Will Information Reside?

The cloud isn’t some magical realm – at the end of the day your data will physically reside on one or more computer servers. If you ever need to get your data back, it is important to know where it went in the first place. Consider this scenario: A contractor headquartered in Pennsylvania undertakes a project in New Jersey and engages a cloud provider based in California to create a database to store the project’s financial data. The provider then purchases server space from independently owned data centers located in Texas, Michigan and Ontario, Canada.

The provider fails to pay the data centers and they shut down its and the contractor’s service. If the contractor doesn’t know about the third-party data centers, he might spend thousands of dollars suing the provider in California, only to learn that the provider can’t give the contractor what it really wants – access to its financial data. Unfortunately, this is not an unlikely or uncommon scenario and it illustrates why you must take steps to learn what the service provider intends to do with your data.

What if Data is Lost or Corrupted?

As with any computer system, there is always the possibility that your critical business data could be lost in the cloud. This is a significant risk for both the customer and the service provider. However, the service provider usually has the upper hand because it has the ability to draft contract terms that limit its liability for data loss. First, most contracts describe the services to be provided in a very vague fashion and make few, if any, promises of reliability. Second, and more significant, most contracts include limitations on the types of damages for which a provider may be held liable. Because most of the damages a customer would suffer as a result of a data loss – including costs to recreate the data from backups or redundant sources, interruption to your business  and other problems – fall within these limitations, customers are left with no viable remedy for a service provider’s negligence. Again, the best way to protect against this is to negotiate appropriate contract terms. You also should contact your insurance broker to determine whether you have or can obtain coverage for these types of damages.

Have We Protected Ourselves?

Most of the risks inherent to the cloud can be managed by asking the right questions and negotiating an appropriate allocation of risks. For instance, should the customer be responsible if the cloud provider negligently destroys its data? Probably not, but should the cloud provider be responsible for damages it could never foresee, like the big job you lost because your cloud-based estimating software was offline for maintenance on the day your bid was due? The answer lies somewhere in the middle, and businesspeople should be able to negotiate a solution that they both can live with. If your provider refuses to accept responsibility for its services, it probably is best to look elsewhere.

For most contractors, the benefits of being able to access critical information and software programs anytime and anyplace outweigh the possible risks. But contractors should be aware of the many risks that accompany a migration to cloud computing, and take steps to protect themselves in the worst-case scenarios.

Current Issue

Check out our latest Edition!

 

alan blog ct

Contact Us

Construction Today Magazine
150 N. Michigan Ave., Suite 900
Chicago, IL 60601

  312.676.1100
  312.676.1101

Click here for a full list of contacts.

Latest Edition

Spread The Love

Back To Top