The Lighter Side Of The Cloud – Disaster Recovery
The Lighter Side Of The Cloud – Best Friend
The Lighter Side Of The Cloud – Black Friday Online
The Lighter Side Of The Cloud – Whoops!
The Lighter Side Of The Cloud – 4th of July

Security Questions To Ask Your Cloud Service Provider

Security Questions To Ask Your Cloud Service Provider



Moving software, websites, hardware needs and important services to the cloud is not without its risks. While cloud service subscribers can save a lot of IT budget funds in areas like software licensing, hardware costs, power charges and staff salaries, close attention must be paid to risk management. From general risks like not knowing who you’re really dealing with to very specific dangers like security and encryption, cloud customers must comprehend exactly what they’re dealing with and how to ask the right questions. This will allow them to choose the cloud service provider that will limit their risk and present the best possible service.

Transparency

This isn’t exactly a risk. It’s more of a rule of thumb right out of the gate. A cloud service provider must offer complete transparency, honestly answering all questions and supplying all information the client requests. So much of the risk management tips to follow flows from this need for transparency. There are questions to ask and if the cloud provider refuses to answer or is vague, it’s best to move on.

Who is Managing My Data?

From the engineers who manage network performance to the policy makers who direct IT departments, companies have the ability to scrutinize their prospective workers before hire. Background checks, calls to referrals and employment history verification can all be conducted by the employer beforehand. That ability is somewhat surrendered by moving to the cloud, but cloud customers are well within their rights to inquire about the qualifications and backgrounds of the cloud company’s staff, including qualifications and backgrounds. These administrators have privileged access to your data and you should know who they are.

What Access Controls are in Place?

Flowing from the need to know who manages your data is the need to know how and why. By moving to the cloud, companies give up their ability to limit physical access. Just because physical control is being transferred doesn’t mean companies give up their right to know what controls are in place to limit risk, though. Cloud companies need to disclose the exact data access control processes that dictate their administrators’ actions. Cloud subscribers should have a full understanding of who can access what data and under what conditions.

Is the Data Secured?

Security concerns don’t just come from people. Cloud providers can offer cost savings in part because, by nature, cloud storage environments are shared. Your company’s data, hosted web site, applications and more will usually live on the same server and storage area as many other companies’ information. A good cloud service provider needs to clearly explain how vital business data is segregated and secured. Encryption is a good start, but the provider must provide evidence that their encryption and other security methods have been tested, fine-tuned and proven effective.

Can they Pass Muster with Auditors?

Every business has certain conditions they must meet for regulatory compliance. This is especially true for law offices, accounting firms and companies who do a fair amount of business with local and federal governments. Regulations need to be met and annual IT audits must be performed to satisfy security concerns and ensure compliance with regulations. Customers need to find out whether the cloud provider conducts regular security audits and what their processes are for accommodating the needs of the customer’s auditors as well.

Where is the Data Actually Located?

The Internet has made the world smaller and has broken down barriers to entry in many fields. Cloud computing is one such industry. Anyone can buy shared hosting, put in some administrative time and offer server space and cloud services. Do you know what country your data actually lives in? You should, especially when it comes to local privacy laws and regulations. It’s important to find a cloud provider that will commit in writing to the specific storage location you need in order to ensure the data privacy requirements of your given jurisdiction.

Are they Here to Stay?

What happens to your data if your cloud service provider goes out of business or is bought out by another company? This is a crucial consideration, especially in a volatile economy full of shut downs, mergers and acquisitions. What guarantees can your cloud provider give regarding its long-term viability? What mechanisms are in place to guarantee the return of your data in the event of a bankruptcy or other business shutdown or turnover? Just like all the other risks outlined here, lifetime data assurance must be explained and put in writing to mitigate risks before any service agreement can be made with a cloud computing provider.

By Arthur Clyne

Arthur is a Montreal-based web and technology consultant for several local area businesses who occasionally handles freelance writing for local tech and telecom companies.

Follow Us!

CloudTweaks

Established in 2009, CloudTweaks.com is recognized as one of the leading authorities in cloud computing information. Most of the excellent CloudTweaks articles are provided by our own paid writers, with a small percentage provided by guest authors from around the globe, including CEOs, CIOs, Technology bloggers and Cloud enthusiasts. Our goal is to continue to build a growing community offering the best in-depth articles, interviews, event listings, whitepapers, infographics and much more...
Follow Us!

2 Responses to Security Questions To Ask Your Cloud Service Provider

Recent

Mobile Connectivity Rises – 24 Billion Networked Devices By 2019

Mobile Connectivity Rises – 24 Billion Networked Devices By 2019

Mobile Connectivity Rises Mobile Technologies such as BYOD, Wearable Technology and Internet of Things are the cornerstone to strong cloud computing adoption and will continue to be the case as the number of connected devices continue to climb. In May 2015, Cisco released the complete VNI Global IP Traffic Forecast, 2014 – 2019. Global highlights…

9 Pitfalls of Providing Cloud-Based Online Government Services

9 Pitfalls of Providing Cloud-Based Online Government Services

Cloud-Based Online Government Services Pitfalls When the US government designed the Affordable Care Act, a key part of the program was to encourage enrollment through the Healthcare.gov website. This online service was supposed to make it easier for citizens to learn about the ACA, compare their health insurance options, and take full advantage of this…

IOT, Intelligent Sensors, And The Change That Is Coming…

IOT, Intelligent Sensors, And The Change That Is Coming…

Intelligent Sensors And The Future What is or isn’t connected: In the end, that is the internet of things. They, the things, represent stuff that has been around for the past 30 years. It was only recently that we have developed a way to consistently connect those devices. Despite the increasing awareness of IoT, it…

Popular Archives

5 Surprising Ways Cloud Computing Is Changing Education

5 Surprising Ways Cloud Computing Is Changing Education

Cloud Computing Education The benefits of cloud computing are being recognized in businesses and institutions across the board, with almost 90 percent of organizations currently using some kind of cloud-based application. The immediate benefits of cloud computing are obvious: cloud-based applications reduce infrastructure and IT costs, increase accessibility, enable collaboration, and allow organizations more flexibility…

Internet Of Things – Industrial Robots And Virtual Monitoring

Internet Of Things – Industrial Robots And Virtual Monitoring

Internet Of Things – Industrial Robots And Virtual Monitoring One of the hottest topics in Information and Communication Technology (ICT) is the Internet of Things (IOT). According to the report of International Telecommunication Union (2012), “the Internet of things can be perceived as a vision with technological and societal implications. It is considered as a…

Sponsors

The Many Hats Of Today’s IT Managers

The Many Hats Of Today’s IT Managers

The Many Hats of IT Managers In years past, the IT department of most large organizations was much like a version of Middle Earth: a mysterious nether world where people who seemed infinitely smarter than the rest of us bustled around, speaking and typing languages that appeared indecipherable, yet, which made our world work. They…

Selling Your Business To Your Employees

Selling Your Business To Your Employees

Mobility For Your Employees It may seem a radical notion, the idea of selling your business to the people who work for you, but this is the era in which we now work. Employees of all levels are all incredibly aware of their options when it comes to mobility and employability. This doesn’t mean that…

Established in 2009

CloudTweaks is recognized as one of the leading influencers in cloud computing, big data and internet of things (IoT) information. Our goal is to continue to build our growing information portal, by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

CloudTweaks Comic Library

Advertising