Tap To Call
Call: 713.974.3889

Important Security Questions to Ask Your Cloud Provider

cloudIf you are searching for a cloud provider for your business, “five nines” is an expression you might hear when discussing system uptime. To a Houston managed IT services company, this means that the network will be functioning for 99.999 percent of an entire year and will be subjected to less than six minutes of unscheduled downtime. That is an impressive figure, but uptime is not the only important requirement. Your data must be available, and it must be secure. If your data is left unprotected, uptime does not matter.

Your service-level agreement (SLA) with your provider guarantees a certain amount of uptime and the required security to keep your data safe. The SLA also specifies the compensation the provider will give you if this agreement is broken. To be absolutely certain of what the SLA includes, you must ask questions regarding details of the security protocol. It is easier to protect yourself ahead of time than it is to recover from a breach of security. Before you sign the agreement, here are several important questions to ask your prospective cloud service provider regarding your Houston network security.

1. What type of Houston backup and disaster recovery is in place?

Disaster recovery as a service is popular among many companies. Others use the cloud for their own disaster recovery. Ask your provider to detail their disaster recovery plan as well as the location of the data centers and how they are protected. Your data should be backed up regularly to multiple servers in various locations. This protects your company in case one data center is breached.

2. What types of data centers are used?

Different companies require different types of data centers depending on their priorities. Here are the various kinds, or tiers, that are available.

  • Tier 1 data centers have one uplink to the servers and non-redundant components. They require no special heating or cooling systems. An example would be a personal computer.
  • Tier 2 adds redundant components to prevent loss of data if a hard drive fails.
  • Tier 3 includes the previously mentioned items plus dual-powered equipment with multiple uplinks.
  • Tier 4 is the most secure type of data center. It includes everything from Tiers 1, 2 and 3. Additionally, every component is fault-tolerant. This is the only tier that can actually provide five-nine uptime which means they are operational 99.999% yearly.

3. What kind of encryption is used?

Password protection is no guarantee of security. Many cloud providers use end-to-end encryption that protects during the data transfer on the sender’s end. Only the receiver can decrypt it. It is better to encrypt the data before you send it and to self-manage the encryption keys. Sometimes, a third party is hired to do the encryption and rotate the keys. This prevents your data and encryption keys from being on your server.

4. Has the cloud provider earned any compliance certifications?

Your cloud provider should meet the same compliance regulations as your company. You should ask to see audit copies for whatever regulations your company follows, such as Payment Card Industry Data Security Standards (PCI DSS), Sarbanes-Oxley Act (SOX) or any others.

5. How will your data be isolated from any other client’s data?

With cloud-based storage, your data resides alongside the data of the provider’s other clients. The other clients must not be able to breach your account by compromising the hypervisor separating the accounts.

Contact NSC Information Technology Group at 713-974-3889 if you would like to ask us about our cloud services. Our knowledgeable professionals can explain the entire process and give you the assurances you need to put your critical data in our safekeeping. We can bring your business into the cloud-based world safely and successfully.

This entry was posted in Cloud Integration and tagged , , . Bookmark the permalink.