What Should You Look For In A Cloud Security Vendor?

Protecting the security of your cloud data during its transmission, storage, and access is an ongoing, fundamental concern as technology continues to evolve, intrusion possibilities increase, and BYOD becomes more common. Here are the five areas to consider when evaluating how the security of your cloud vendor stacks up.

How is My Data Physically Protected?

Any potential problem or threat to the physical data center should be covered from every angle, with continual and back up protection plans in place. Environmental controls should be systematic through proactive care and maintenance of the data center, including fire detection and suppression systems, climate and temperature controls, and 24/7 electrical power with redundancy and generator backup. It also means consistent identification and problem resolution for electrical, mechanical, and other systems for ongoing equipment operability.

How do I know Transmission Over the Network is Secure?

Encryption for data in transit over the network should be at the most advanced level—such as 256-bit SSL—and include enterprise-grade security measures over networks without WAN or VPN controls (like many companies these days). Additionally, advanced network security protection such as unique key management functionality is recommended.

How is My Data Protected in the Cloud?

Data stored in the cloud should be protected with the strictest authentication and access controls. Stored data should be encrypted, such as with 256-bit AES.

When it comes to file retention and version control, the customers should be able to enforce their own retention policies. They should also be able to remove access for single accounts if desired. This means that if a hacker gains access to the data of one company, they do not gain access to any other companies’ data. Customer access to data should be controlled by 2-factor encryption. Data compartmentalization schemes ideally utilize a multi-pronged segregation approach, with the following types of measures in place: access credentials, customer meta data with the use of S3 buckets and unique 256 AET encryption keys.

How is Data Access Managed?

The need of users to retrieve data must be weighed against the security of data access itself. Access to data should require single sign-on with SAML 2.0, as well as multi-step authentication, such as two-factor encryption-based credentials and use of a different PIN entry each time.

Access controls by the customer should also be available by different and separate admin roles, such as a server or profile administrator, based on their responsibility for data access. The cloud vendor should not have any access to the company’s data unless expressly permitted by the customer.

The customer should be able to set access controls for different roles, such as server or profile administrator, based on their responsibility for data access.

In order to provide transparency and accountability, there should be a complete audit trail of all data access activity available.

What Happens to Data if a Disaster or Failure Occurs?

In case of disaster such as power or other data center failure, service levels and data access should still be maintained. This can be achieved with data redundancy controls, such as having separate data centers clustered in key global regions and multi-zone redundancy in case failure occurs in any one zone.

No matter how cloud technology changes, end-to-end data protection is a must. Find out how your cloud vendor secures its data from all points.

By Srivatsan Srinivasan,

Senior Product Marketing Manager at Druva.

Follow Us!

CloudTweaks

Established in 2009, CloudTweaks.com is recognized as one of the leading authorities in cloud computing information. Most of the excellent CloudTweaks articles are provided by our own paid writers, with a small percentage provided by guest authors from around the globe, including CEOs, CIOs, Technology bloggers and Cloud enthusiasts. Our goal is to continue to build a growing community offering the best in-depth articles, interviews, event listings, whitepapers, infographics and much more...
Follow Us!

Sorry, comments are closed for this post.

Comics

At CloudTweaks, we're plugged into the cloud, the internet of things and all that the web has to offer. From wearable technology, to mobile computing, cloud computing and big data, CloudTweaks is your source for updates and news on the most innovative technology.

Popular

Top Viral Impact

Cloud Infographic: Cloud Computing Growth

Cloud Infographic: Cloud Computing Growth

An excellent infographic provided by AwesomeCloud which predicts a continued high level of growth in the cloud computing industry. Potentially staggering numbers for Public Cloud IT Services of $100 Billion by 2016. Infographic Source: AwesomeCloud About Latest Posts Follow Us!CloudTweaksEstablished in 2009, CloudTweaks.com is recognized as one of the leading authorities in cloud computing information. Most of the…

The Lighter Side Of The Cloud – Holiday Photos

The Lighter Side Of The Cloud – Holiday Photos

The Lighter Side Of The Cloud – Holiday Photos Enjoy our weekly comics provided by our talented cartoonists. By David Fletcher About Latest Posts Follow Us!CloudTweaksEstablished in 2009, CloudTweaks.com is recognized as one of the leading authorities in cloud computing information. Most of the excellent CloudTweaks articles are provided by our own paid writers, with…

Cloud Infographic: Cloud Apps (A Buyers Guide)

Cloud Infographic: Cloud Apps (A Buyers Guide)

Cloud Apps (A Buyers Guide) SaaS has gained huge popularity over the last few years, with an increasing number of enterprises adopting it mainly due to the benefits like pay per use and on demand service. Cloud applications entail thorough testing for their integrity, different from that of on-premise applications. This involves testing of business…

Cloud Computing Offers Key Benefits For Small, Medium Businesses

Cloud Computing Offers Key Benefits For Small, Medium Businesses

A growing number of small and medium businesses in the United States rely on as a means of deploying mission-critical software products. Prior to the advent of cloud-based products — software solutions delivered over the Internet – companies were often forced to invest in servers and other products to run software and store data. The…

Monetization of the Internet of Things – Q&A With Brendan O’Brien

Monetization of the Internet of Things – Q&A With Brendan O’Brien

Q&A With Brendan O’Brien, Co-Founder of Aria Systems (Part 1) Monetization of the internet of things (IoT) is one of the most exciting and challenging issues facing the industry today, so we spoke with Brendan O’Brien to learn more. Brendan is the Co-Founder of Aria Systems, who are one of the leading innovators in recurring…

Featured Sponsors

2015 Advertising Opportunities - Find Out More!

Cloud Logo Sponsors

hp Logo CityCloud-PoweredByOpenstack-Blue square_logo_100x100-01
cisco_logo_100x100 vmware citrix100

Established in 2009, CloudTweaks is recognized as one of the leading influencers in cloud computing, big data and internet of things (IoT) information. Our goal is to continue to build our growing information portal, by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

Contact

CloudTweaks Media
Phone: 1 (212) 763-0021

Join Our Newsletter