Choosing A Hosting Provider With Confidence

Choosing a Cloud Hosting Provider

Since cloud computing hit the commercial market, cloud service providers have exploded in popularity, with a huge variety of different services each tailored to its own unique variety of client. For clients, though, this presents a challenge: how to find the right provider? Out of all the numerous options, which one is best for your business?

Of course, in order to answer that question, you first need to know what needs a cloud provider will serve. In other words, what is your unique set of priorities in making the selection? For most people, the primary benefit of cloud computing is that it reduces costs, and so price will be a prime consideration in choosing a service provider.

Price, though, cannot be the only consideration. For some firms (those with a large quantity of data), size and efficiency are key. For others, the availability of customized service packages is important.

But the most important priority for any firm, and the one too often overlooked by smaller businesses, is security. Security in cloud computing is a serious matter, as cloud servers cannot be protected through traditional means (i.e. by maintaining direct control over the physical server). In order to choose a cloud provider effectively, managers and CIOs need to understand the security provisions of each provider – and this can be difficult, since so few people have a security background!

The problem is compounded by regulatory demands: if a firm is attacked through the cloud, it may be legally responsible for any damage or data loss that affects customers. For example, if customers’ credit cards are stolen from the cloud, the firm that stored them can be sued for enormous damages, unless adequate security measures were taken from the beginning. Failure to comply with these regulations places a firm at tremendous, and largely unnecessary, risk.

Key Industry Standards

Fortunately, there are a few key industry standards that even a non-expert can easily use to identify which providers meet at least the minimum security needs. SSL (Secure Socket Layer) is the industry standard security protocol that all cloud providers should offer. This protocol involves a complex exchange of private and public keys between the domain and the browser, in what security professionals call the “SSL handshake.” This handshake opens up a secure channel for data transfer, preventing third parties from intercepting, tampering, or eavesdropping.

In order to reach minimum industry standards for security, cloud providers should offer at least 128-bit SSL encryption (ideally 256-bit encryption), along with robust guarantees regarding the physical security of data centers.

If you can follow these guidelines in Choosing a Cloud provider, you can minimize your risk of data loss, theft, or online attacks, and thus serve your customers better while ensuring regulatory compliance.

Contact CloudTweaks for more information on our consulting services and whitepaper listing opportunities.

By Brent Anderson

Matrix
When sci-fi films like Tom Cruise’s Oblivion depict humans living in the clouds, we imagine that humanity might one day leave our primitive dwellings attached to the ground and ascend to floating castles in the ...
JK Chelladurai
Maintain telecom tax compliance The Telecommunications industry is one of the most heavily taxed service industries. In countries such as the United States, providers have to keep on top of Federal, State, and District taxes, ...
Louis
Why Services CPQ Is Too Slow Today When PS organizations compete in sales cycles, the first competitor to have a complete quote with accurate pricing, schedules, and an engagement plan will often win. However, getting ...
Jonathan Custance
IoT and cloud computing are on the increase High-profile cybersecurity breaches are increasingly in the news, a prime example being the NHS incident of May 2017 when services were brought to a standstill for several ...
Martin Mendelsohn
The Colonial Pipeline Dilemma The Colonial Pipeline is one of a number of essential energy and infrastructure assets that have been recently targeted by the global ransomware group DarkSide, and other aspiring non-state actors, with ...
  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.