cloud service provider requirements
DESCRIPTION
Companies are realizing cost savings, scalability and less need for a full IT staff with cloud services. The following is a list of requirements a cloud vendor must meet to earn your trust.TRANSCRIPT
Cloud Service Provider Requirements
What makes you trust a cloud computing vendor?
• This is one of the hottest topics in cloud computing today
• Companies are realizing cost savings, scalability and less need for a full IT staff with cloud services
• The following is a list of requirements a cloud vendor must meet to earn your trust
Cloud Trust Factors (1-3)
1. Good, honest service procedures
2. Customer self-service with access to continuous monitoring for security/audit purposes (i.e. users identities and access - like Gmail)
3. Service Level Agreement (SLA) terms. • Defines performance and reliability of the provider and
guarantees penalties if they fail to perform that level of performance
Cloud Trust Factors (4-8)4. Vendor’s infrastructure is in compliance with government standards
such as FISMA and OMB
5. Government/independent body certifications in data security
6. Confidentiality, integrity & availability of data
7. Option to test with non-sensitive data before importing critical files
8. Established remedies for cross-border legal issues if the provider is not in the same country as you
Cloud Trust Factors (9-12)9. Ability to classify the sensitivity of your data before entrusting
it to the cloud
10. Clear definitions of the control that users have over their data
11. Encryption key management and identity/access management/audit ability– 256 bit encryption is ideal
12. Clear security measures, not reliance on others to ‘do the right thing’
Cloud Trust Factors (13-15)
13. Clearly established level of risk vs. potential value of cloud services
14. Willingness of the provider to make needed changes and to integrate their own security processes with yours
15. Protection guarantee in the event of data loss or breach
Keep Yourself Safe• Ensure that the cloud provider
has:– Good reputation in the industry
and within the community– SLA or terms of use set up – A way to contact someone at the
company if needed
• Ensure that you:– Never share information that is
too personal or exposes/breaches to company security if ever leaked
– Always have an online backup plan