Security Questions To Ask Your Cloud Service Provider

Security Questions To Ask Your Cloud Service Provider



Moving software, websites, hardware needs and important services to the cloud is not without its risks. While cloud service subscribers can save a lot of IT budget funds in areas like software licensing, hardware costs, power charges and staff salaries, close attention must be paid to risk management. From general risks like not knowing who you’re really dealing with to very specific dangers like security and encryption, cloud customers must comprehend exactly what they’re dealing with and how to ask the right questions. This will allow them to choose the cloud service provider that will limit their risk and present the best possible service.

Transparency

This isn’t exactly a risk. It’s more of a rule of thumb right out of the gate. A cloud service provider must offer complete transparency, honestly answering all questions and supplying all information the client requests. So much of the risk management tips to follow flows from this need for transparency. There are questions to ask and if the cloud provider refuses to answer or is vague, it’s best to move on.

Who is Managing My Data?

From the engineers who manage network performance to the policy makers who direct IT departments, companies have the ability to scrutinize their prospective workers before hire. Background checks, calls to referrals and employment history verification can all be conducted by the employer beforehand. That ability is somewhat surrendered by moving to the cloud, but cloud customers are well within their rights to inquire about the qualifications and backgrounds of the cloud company’s staff, including qualifications and backgrounds. These administrators have privileged access to your data and you should know who they are.

What Access Controls are in Place?

Flowing from the need to know who manages your data is the need to know how and why. By moving to the cloud, companies give up their ability to limit physical access. Just because physical control is being transferred doesn’t mean companies give up their right to know what controls are in place to limit risk, though. Cloud companies need to disclose the exact data access control processes that dictate their administrators’ actions. Cloud subscribers should have a full understanding of who can access what data and under what conditions.

Is the Data Secured?

Security concerns don’t just come from people. Cloud providers can offer cost savings in part because, by nature, cloud storage environments are shared. Your company’s data, hosted web site, applications and more will usually live on the same server and storage area as many other companies’ information. A good cloud service provider needs to clearly explain how vital business data is segregated and secured. Encryption is a good start, but the provider must provide evidence that their encryption and other security methods have been tested, fine-tuned and proven effective.

Can they Pass Muster with Auditors?

Every business has certain conditions they must meet for regulatory compliance. This is especially true for law offices, accounting firms and companies who do a fair amount of business with local and federal governments. Regulations need to be met and annual IT audits must be performed to satisfy security concerns and ensure compliance with regulations. Customers need to find out whether the cloud provider conducts regular security audits and what their processes are for accommodating the needs of the customer’s auditors as well.

Where is the Data Actually Located?

The Internet has made the world smaller and has broken down barriers to entry in many fields. Cloud computing is one such industry. Anyone can buy shared hosting, put in some administrative time and offer server space and cloud services. Do you know what country your data actually lives in? You should, especially when it comes to local privacy laws and regulations. It’s important to find a cloud provider that will commit in writing to the specific storage location you need in order to ensure the data privacy requirements of your given jurisdiction.

Are they Here to Stay?

What happens to your data if your cloud service provider goes out of business or is bought out by another company? This is a crucial consideration, especially in a volatile economy full of shut downs, mergers and acquisitions. What guarantees can your cloud provider give regarding its long-term viability? What mechanisms are in place to guarantee the return of your data in the event of a bankruptcy or other business shutdown or turnover? Just like all the other risks outlined here, lifetime data assurance must be explained and put in writing to mitigate risks before any service agreement can be made with a cloud computing provider.

By Arthur Clyne

Arthur is a Montreal-based web and technology consultant for several local area businesses who occasionally handles freelance writing for local tech and telecom companies.

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

Sorry, comments are closed for this post.

E-Commerce Advances For Savvy Marketers

E-Commerce Advances For Savvy Marketers

Digital Marketing Platforms Advertising and marketing techniques have progressed rapidly in the last decade with both channel focus and the direction of content shifting considerably due primarily to advances in cloud technology. Gartner’s Magic Quadrant for Digital Commerce 2016 singles out a few ecommerce providers who are topping their sector in both ability to execute…

The Lighter Side Of The Cloud – Energy Battle

The Lighter Side Of The Cloud – Energy Battle

By David Fletcher Please feel free to share our comics via social media networks such as Twitter, Facebook, LinkedIn, Instagram, Pinterest. Clear attribution (Twitter example: via@cloudtweaks) to our original comic sources is greatly appreciated.

Recent Articles - Posted by
Cloud Comings and Goings

Cloud Comings and Goings

Cloud Power Amazon Web Services – the giant of cloud computing – is on track to do $10 Billion in revenue this year. Yet, rumors swirl that Apple may take a huge chunk of business away from them and Dropbox has definitely left AWS. Is something wrong at AWS? Wait, Salesforce.com (SFDC) – the granddaddy of…

Digital Transformation: Not Just For Large Enterprises Anymore

Digital Transformation: Not Just For Large Enterprises Anymore

Digital Transformation Digital transformation is the acceleration of business activities, processes, and operational models to fully embrace the changes and opportunities of digital technologies. The concept is not new; we’ve been talking about it in one way or another for decades: paperless office, BYOD, user experience, consumerization of IT – all of these were stepping…

Connecting the Digital Dots with the Internet of Things

Connecting the Digital Dots with the Internet of Things

The IoT Explosion In The Cross-Industry Category Gartner estimates that 6.4 billion Internet of Things (IoT) devices will be in use in 2016, nearly a third more than last year, and with attentive patrons such as Samsung, recently committing to invest $1.2 billion into IoT research in the US over four years, we can happily…

Most Active Internet Of Things Investors In The Last 5 Years

Most Active Internet Of Things Investors In The Last 5 Years

Most Active Internet Of Things Investors A recent BI Intelligence report claimed that the Internet of Things (IoT) is on its way to becoming the largest device market in the world. Quite naturally, such exponential growth of the IoT market has prompted a number of high-profile corporate investors and smart money VCs to bet highly…

Cloud Security: The Top 8 Risks According To ENISA

Cloud Security: The Top 8 Risks According To ENISA

Cloud Security Risks Does security in the cloud ever bother you? It would be weird if it didn’t. Cloud computing has a lot of benefits, but also a lot of risks if done in the wrong way. So what are the most important risks? The European Network Information Security Agency did extensive research on that,…

Cloud Infographic – Big Data Analytics Trends

Cloud Infographic – Big Data Analytics Trends

Big Data Analytics Trends As data information and cloud computing continues to work together, the need for data analytics continues to grow. Many tech firms predict that big data volume will grow steadily 40% per year and in 2020, will grow up to 50 times that. This growth will also bring a number of cost…

Cloud Infographic – Guide To Small Business Cloud Computing

Cloud Infographic – Guide To Small Business Cloud Computing

Small Business Cloud Computing Trepidation is inherently attached to anything that involves change and especially if it involves new technologies. SMBs are incredibly vulnerable to this fear and rightfully so. The wrong security breach can incapacitate a small startup for good whereas larger enterprises can reboot their operations due to the financial stability of shareholders. Gordon Tan contributed an…

Disaster Recovery And The Cloud

Disaster Recovery And The Cloud

Disaster Recovery And The Cloud One of the least considered benefits of cloud computing in the average small or mid-sized business manager’s mind is the aspect of disaster recovery. Part of the reason for this is that so few small and mid-size businesses have ever contemplated the impact of a major disaster on their IT…

The Internet of Things – Redefining The Digital World As We Know It

The Internet of Things – Redefining The Digital World As We Know It

Redefining The Digital World According to Internet World Stats (June 30th, 2015), no fewer than 3.2 billion people across the world now use the internet in one way or another. This means an incredible amount of data sharing through the utilization of API’s, Cloud platforms and inevitably the world of connected Things. The Internet of Things is a…

The Questions of Privacy In The Internet of Things Revolution

The Questions of Privacy In The Internet of Things Revolution

Privacy in the Internet of Things Revolution The Internet of Things (IoT) has been promising a lot to consumers for a few years and now we’re really starting to see some of the big ideas come to fruition, which means an ever-growing conversation around data security and privacy. Big data comes with big responsibilities and…