Security Questions To Ask Your Cloud Service Provider

Security Questions To Ask Your Cloud Service Provider



Moving software, websites, hardware needs and important services to the cloud is not without its risks. While cloud service subscribers can save a lot of IT budget funds in areas like software licensing, hardware costs, power charges and staff salaries, close attention must be paid to risk management. From general risks like not knowing who you’re really dealing with to very specific dangers like security and encryption, cloud customers must comprehend exactly what they’re dealing with and how to ask the right questions. This will allow them to choose the cloud service provider that will limit their risk and present the best possible service.

Transparency

This isn’t exactly a risk. It’s more of a rule of thumb right out of the gate. A cloud service provider must offer complete transparency, honestly answering all questions and supplying all information the client requests. So much of the risk management tips to follow flows from this need for transparency. There are questions to ask and if the cloud provider refuses to answer or is vague, it’s best to move on.

Who is Managing My Data?

From the engineers who manage network performance to the policy makers who direct IT departments, companies have the ability to scrutinize their prospective workers before hire. Background checks, calls to referrals and employment history verification can all be conducted by the employer beforehand. That ability is somewhat surrendered by moving to the cloud, but cloud customers are well within their rights to inquire about the qualifications and backgrounds of the cloud company’s staff, including qualifications and backgrounds. These administrators have privileged access to your data and you should know who they are.

What Access Controls are in Place?

Flowing from the need to know who manages your data is the need to know how and why. By moving to the cloud, companies give up their ability to limit physical access. Just because physical control is being transferred doesn’t mean companies give up their right to know what controls are in place to limit risk, though. Cloud companies need to disclose the exact data access control processes that dictate their administrators’ actions. Cloud subscribers should have a full understanding of who can access what data and under what conditions.

Is the Data Secured?

Security concerns don’t just come from people. Cloud providers can offer cost savings in part because, by nature, cloud storage environments are shared. Your company’s data, hosted web site, applications and more will usually live on the same server and storage area as many other companies’ information. A good cloud service provider needs to clearly explain how vital business data is segregated and secured. Encryption is a good start, but the provider must provide evidence that their encryption and other security methods have been tested, fine-tuned and proven effective.

Can they Pass Muster with Auditors?

Every business has certain conditions they must meet for regulatory compliance. This is especially true for law offices, accounting firms and companies who do a fair amount of business with local and federal governments. Regulations need to be met and annual IT audits must be performed to satisfy security concerns and ensure compliance with regulations. Customers need to find out whether the cloud provider conducts regular security audits and what their processes are for accommodating the needs of the customer’s auditors as well.

Where is the Data Actually Located?

The Internet has made the world smaller and has broken down barriers to entry in many fields. Cloud computing is one such industry. Anyone can buy shared hosting, put in some administrative time and offer server space and cloud services. Do you know what country your data actually lives in? You should, especially when it comes to local privacy laws and regulations. It’s important to find a cloud provider that will commit in writing to the specific storage location you need in order to ensure the data privacy requirements of your given jurisdiction.

Are they Here to Stay?

What happens to your data if your cloud service provider goes out of business or is bought out by another company? This is a crucial consideration, especially in a volatile economy full of shut downs, mergers and acquisitions. What guarantees can your cloud provider give regarding its long-term viability? What mechanisms are in place to guarantee the return of your data in the event of a bankruptcy or other business shutdown or turnover? Just like all the other risks outlined here, lifetime data assurance must be explained and put in writing to mitigate risks before any service agreement can be made with a cloud computing provider.

By Arthur Clyne

Arthur is a Montreal-based web and technology consultant for several local area businesses who occasionally handles freelance writing for local tech and telecom companies.

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

Sorry, comments are closed for this post.

Comic
The Annual Compliance & Ethics Institute:  Hot Topics – Cyber Security, Big Data, Privacy Breach Response

The Annual Compliance & Ethics Institute: Hot Topics – Cyber Security, Big Data, Privacy Breach Response

Cyber Security, Big Data, Privacy Breach Response MINNEAPOLIS, Aug. 30, 2016 /PRNewswire-USNewswire/ — Cyber security, social media, modern slavery, anti-corruption, export controls and sanctions, and privacy top the list of “Hot Issues” compliance and ethics professionals face each day. These and many other compliance and ethics concerns will be addressed at the 2016 Compliance & Ethics…

Top 5 Digital Health Trends

Top 5 Digital Health Trends

Digital Health Trends It is very important to keep up with the changing technology. However, it is also just as important to advance the consumer experience, care delivery methods and create opportunities for career development for the healthcare workforce. Five trends that are proven to be effective in winning in the digital age have been…

Technological Advances In The Healthcare Industry

Technological Advances In The Healthcare Industry

The Healthcare Industry The use of smart devices in healthcare is expanding, and according to a report by Technavio the global smart wearable healthcare device and services market will show a compounded annual growth rate of over 18%. Thanks to modern medicine, lifespans are increasing, resulting in aging populations and a higher frequency of chronic…

How Secure Is Your School Campus Network?

How Secure Is Your School Campus Network?

School Networks School related networks are one of the most attacked sectors today, coming in third worldwide to healthcare and retail. Because of the ever growing threat of cybercrime, IT professionals everywhere aren’t thinking in terms of “what if our network gets attacked?” Now, they think in terms of “when will our network be attacked?”…

IBM and VMware Expand Partnership to Enable Easy Hybrid Cloud Adoption

IBM and VMware Expand Partnership to Enable Easy Hybrid Cloud Adoption

IBM and VMware Expand Partnership More than 500 new clients, including Marriott International are now running VMware software on IBM Cloud since the strategic cloud partnership was announced;Introduction of VMware Cloud Foundation on IBM Cloud helps move existing apps to the cloud within hours; More than 4,000 IBM service professionals trained to help organizations extend…

Connecting With Customers In The Cloud

Connecting With Customers In The Cloud

Customers in the Cloud Global enterprises in every industry are increasingly turning to cloud-based innovators like Salesforce, ServiceNow, WorkDay and Aria, to handle critical systems like billing, IT services, HCM and CRM. One need look no further than Salesforce’s and Amazon’s most recent earnings report, to see this indeed is not a passing fad, but…

Having Your Cybersecurity And Eating It Too

Having Your Cybersecurity And Eating It Too

The Catch 22 The very same year Marc Andreessen famously said that software was eating the world, the Chief Information Officer of the United States was announcing a major Cloud First goal. That was 2011. Five years later, as both the private and public sectors continue to adopt cloud-based software services, we’re interested in this…

Cloud Services Providers – Learning To Keep The Lights On

The True Meaning of Availability What is real availability? In our line of work, cloud service providers approach availability from the inside out. And in many cases, some never make it past their own front door given how challenging it is to keep the lights on at home let alone factors that are out of…

5% Of Companies Have Embraced The Digital Innovation Fostered By Cloud Computing

5% Of Companies Have Embraced The Digital Innovation Fostered By Cloud Computing

Embracing The Cloud We love the stories of big complacent industry leaders having their positions sledge hammered by nimble cloud-based competitors. Saleforce.com chews up Oracle’s CRM business. Airbnb has a bigger market cap than Marriott. Amazon crushes Walmart (and pretty much every other retailer). We say: “How could they have not seen this coming?” But, more…

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

Why Businesses Need Hybrid Solutions Running a cloud server is no longer the novel trend it once was. Now, the cloud is a necessary data tier that allows employees to access vital company data and maintain productivity from anywhere in the world. But it isn’t a perfect system — security and performance issues can quickly…

Fintech Investments Are Seeing Consistent Growth

Fintech Investments Are Seeing Consistent Growth

The Financial Services Cloud Fintech investment has been seeing consistent growth in 2015, with some large moves being made this year. The infographic (Courtesy of Venturescanner) below shows the top Fintech investors and the amount of companies they’re currently funding: Just this week, a financial data startup known as Orchard Platform raised $30 million in…

Cloud Infographic: The Explosive Growth Of The Cloud

Cloud Infographic: The Explosive Growth Of The Cloud

The Explosive Growth Of The Cloud We’ve been covering cloud computing extensively over the past number of years on CloudTweaks and have truly enjoyed watching the adoption and growth of it. Many novices are still trying to wrap their mind around what the cloud it is and what it does, while others such as thought…

Containerization: The Bold Face Of The Cloud In 2016

Containerization: The Bold Face Of The Cloud In 2016

Containerization And The Cloud “Right now, the biggest technology shift in the cloud is a rapid evolution from simple virtual machine (VM) hosting toward containerization’’ says the CTO of Microsoft Azure, Mark Russinovitch, a man who deals with the evolving cloud infrastructure every day. In his words, containerization is “an incredibly efficient, portable, and lightweight…

How Your Startup Can Benefit From Cloud Computing And Growth Hacking

How Your Startup Can Benefit From Cloud Computing And Growth Hacking

Ambitious Startups An oft-quoted statistic, 50% of new businesses fail within five years. And the culling of startups is even more dramatic, with an estimated nine out of ten folding. But to quote Steve Jobs, “I’m convinced that about half of what separates the successful entrepreneurs from the non-successful ones is pure perseverance.” So while…

Driving Success: 6 Key Metrics For Every Recurring Revenue Business

Driving Success: 6 Key Metrics For Every Recurring Revenue Business

Recurring Revenue Business Metrics Recurring revenue is the secret sauce behind the explosive growth of powerhouses like Netflix and Uber. Unsurprisingly, recurring revenue is also quickly gaining ground in more traditional industries like healthcare and the automotive business. In fact, nearly half of U.S. businesses have adopted or are planning to adopt a recurring revenue model,…

Cost of the Cloud: Is It Really Worth It?

Cost of the Cloud: Is It Really Worth It?

Cost of the Cloud Cloud computing is more than just another storage tier. Imagine if you’re able to scale up 10x just to handle seasonal volumes or rely on a true disaster-recovery solution without upfront capital. Although the pay-as-you-go pricing model of cloud computing makes it a noticeable expense, it’s the only solution for many…