Choosing A Hosting Provider With Confidence

Choosing a Cloud Hosting Provider

Since cloud computing hit the commercial market, cloud service providers have exploded in popularity, with a huge variety of different services each tailored to its own unique variety of client. For clients, though, this presents a challenge: how to find the right provider? Out of all the numerous options, which one is best for your business?

Of course, in order to answer that question, you first need to know what needs a cloud provider will serve. In other words, what is your unique set of priorities in making the selection? For most people, the primary benefit of cloud computing is that it reduces costs, and so price will be a prime consideration in choosing a service provider.

Price, though, cannot be the only consideration. For some firms (those with a large quantity of data), size and efficiency are key. For others, the availability of customized service packages is important.

But the most important priority for any firm, and the one too often overlooked by smaller businesses, is security. Security in cloud computing is a serious matter, as cloud servers cannot be protected through traditional means (i.e. by maintaining direct control over the physical server). In order to choose a cloud provider effectively, managers and CIOs need to understand the security provisions of each provider – and this can be difficult, since so few people have a security background!

The problem is compounded by regulatory demands: if a firm is attacked through the cloud, it may be legally responsible for any damage or data loss that affects customers. For example, if customers’ credit cards are stolen from the cloud, the firm that stored them can be sued for enormous damages, unless adequate security measures were taken from the beginning. Failure to comply with these regulations places a firm at tremendous, and largely unnecessary, risk.

Key Industry Standards

Fortunately, there are a few key industry standards that even a non-expert can easily use to identify which providers meet at least the minimum security needs. SSL (Secure Socket Layer) is the industry standard security protocol that all cloud providers should offer. This protocol involves a complex exchange of private and public keys between the domain and the browser, in what security professionals call the “SSL handshake.” This handshake opens up a secure channel for data transfer, preventing third parties from intercepting, tampering, or eavesdropping.

In order to reach minimum industry standards for security, cloud providers should offer at least 128-bit SSL encryption (ideally 256-bit encryption), along with robust guarantees regarding the physical security of data centers.

If you can follow these guidelines in Choosing a Cloud provider, you can minimize your risk of data loss, theft, or online attacks, and thus serve your customers better while ensuring regulatory compliance.

Contact CloudTweaks for more information on our consulting services and whitepaper listing opportunities.

By Brent Anderson

James Corbishly
Teams Sprawl in the Remote Workspace As working from home has become the new everyday norm, with more employers embracing the remote-work model as a new and likely permanent fixture of the employment world, there ...
Alex Dean
Enabling Privacy and Personalization Most businesses today rely on data collected online to better understand their customers and deliver more personalized products, services and experiences. These insights can be transformative for an organization, especially when ...
Gary Bernstein
Test Data Management How do you test your data management systems? With Delphix, you can automate your tests by running your data against a virtual copy of your production environment. Today, the amount of data ...
Yuliya Melnik
DevOps Services Outsourcing The sooner you release your unique idea to the public, the higher the chance that it will receive the lion's share of the audience's attention. Delays in development can lead competitors to ...
Martin Mendelsohn
The Colonial Pipeline Dilemma The Colonial Pipeline is one of a number of essential energy and infrastructure assets that have been recently targeted by the global ransomware group DarkSide, and other aspiring non-state actors, with ...

SECURITY TRAINING

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.

  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.