What Should You Look For In A Cloud Security Vendor?

Cloud Security Vendor

Protecting the security of your cloud data during its transmission, storage, and access is an ongoing, fundamental concern as technology continues to evolve, intrusion possibilities increase, and BYOD becomes more common. Here are the five areas to consider when evaluating how the security of your cloud vendor stacks up.

How is My Data Physically Protected?

Any potential problem or threat to the physical data center should be covered from every angle, with continual and back up protection plans in place. Environmental controls should be systematic through proactive care and maintenance of the data center, including fire detection and suppression systems, climate and temperature controls, and 24/7 electrical power with redundancy and generator backup. It also means consistent identification and problem resolution for electrical, mechanical, and other systems for ongoing equipment operability.

How do I know Transmission Over the Network is Secure?

Encryption for data in transit over the network should be at the most advanced level—such as 256-bit SSL—and include enterprise-grade security measures over networks without WAN or VPN controls (like many companies these days). Additionally, advanced network security protection such as unique key management functionality is recommended.

How is My Data Protected in the Cloud?

Data stored in the cloud should be protected with the strictest authentication and access controls. Stored data should be encrypted, such as with 256-bit AES.

When it comes to file retention and version control, the customers should be able to enforce their own retention policies. They should also be able to remove access for single accounts if desired. This means that if a hacker gains access to the data of one company, they do not gain access to any other companies’ data. Customer access to data should be controlled by 2-factor encryption. Data compartmentalization schemes ideally utilize a multi-pronged segregation approach, with the following types of measures in place: access credentials, customer meta data with the use of S3 buckets and unique 256 AET encryption keys.

How is Data Access Managed?

The need of users to retrieve data must be weighed against the security of data access itself. Access to data should require single sign-on with SAML 2.0, as well as multi-step authentication, such as two-factor encryption-based credentials and use of a different PIN entry each time.

Access controls by the customer should also be available by different and separate admin roles, such as a server or profile administrator, based on their responsibility for data access. The cloud vendor should not have any access to the company’s data unless expressly permitted by the customer.

The customer should be able to set access controls for different roles, such as server or profile administrator, based on their responsibility for data access.

In order to provide transparency and accountability, there should be a complete audit trail of all data access activity available.

What Happens to Data if a Disaster or Failure Occurs?

In case of disaster such as power or other data center failure, service levels and data access should still be maintained. This can be achieved with data redundancy controls, such as having separate data centers clustered in key global regions and multi-zone redundancy in case failure occurs in any one zone.

No matter how cloud technology changes, end-to-end data protection is a must. Find out how your cloud vendor secures its data from all points.

By Srivatsan Srinivasan, Senior Product Marketing Manager at Druva.

Hamza Seqqat

The Benefits of Virtualizing SD-WAN and Security

Benefits of Virtualizing SD-WAN As more companies adopt SD-WAN technology to enhance the agility of their networking architecture, they must give strong consideration to how and where to apply security across the network. There’s no ...
Mobile Apps Business

It May Not Be Sexy, But Strict Compliance Delivers The Freedom To Innovate

Compliance and Business Innovation When the U.S. based non-profit organization RHD | Resources for Human Development decided to move its operations into the cloud, one of its top priorities was compliance. As a company that ...
Mark Casey Apcela

How to Optimize Your Office 365 Performance with Network Peering

Optimize Performance with Network Peering Microsoft Office 365 usage has grown significantly in recent years. More than 56 percent of organizations all around the world now use Office 365 cloud-based services. In terms of user ...
Alex Brisbourne

Industrial IoT Cyberattacks Continue To Rise

IoT Industrial Security The Internet of Things (IoT) includes both traditional electronics and everyday ‘things’ embedded with sensors, computing, and networking capabilities. From smart coffee makers and smart homes to smart lighting and smart cities, ...
Ian Hayes

Pick The Right AWS Course And Ensure A Brighter Future Ahead

Picking The Right AWS Course As the leader of the pack, AWS (Amazon Web Services) is the fastest-growing public cloud service in the industry, and it's all set to extend its dominance with a 52% ...
Anita Raj

A Winning Data Strategy Series Part 4: Are Your Data-driven Insights Driving Business Results?

Are your data-driven insights driving business results? This is the fourth piece of a 5-part series on plugging the obvious but overlooked gaps in achieving digital success through a refined data strategy. How would you ...