MyPage is a personalized page based on your interests.The page is customized to help you to find content that matters you the most.


I'm not curious

What to look for in a cloud security provider

Published on 05 October 13
171
0
0

The importance of security in the cloud


Just as the online world is replete with threats to a computerâs system in the forms of viruses, Trojan horses, spyware and so forth, so when a business makes use of the cloud for storing and sharing files for the many and varied benefits that it provides, it must take into account the importance of setting up and maintaining some form of cloud security. Indeed, many business owners, taking a brief first glance at this aspect of the project, become so overwhelmed by its apparent complexity that they just throw in the towel, thinking that it is just not worth it. The costs of the setup process, however, are greatly outweighed by the benefits that it brings, so cloud storage and security are now really an indispensable part of running any company. There are many businesses that specialize in providing this service and we are about to outline the steps for deciding which one to use.



Range of services offered


Cloud security providers vary in the number and types of services they provide and the wider this range, the better; you want to be able to protect your system from attacks by all sides. Managing access also adds to the complexity of the problem. Having a single company that supports HCM (human capital management), CRM (customer relationships management) and things like that. Security should be designed into the architecture of the computer system that it is meant to support so that it cannot easily be added on later.




Does this company offer services that suit my industry?


Different industries, such as health care and finance, require different types of computer security because each is at a different level of risk and has different sensitivities. Find out if the company you are looking at has compliance services geared to your industryâs risk level. The best security providers are the ones that take a look at all the regulatory requirements across the different industries and establish a kind of baseline.




To what standards does the company adhere?


The internationally accepted standard for cloud security is ISO 27000. Check to see if a particular business adheres to that standard and lay out their commitments to their customers in terms thereof. If they do, then it will be easier for you to assess what these people will do versus what other providers will offer you in the same space and make a more informed decision based on that information. For the complete text of ISO 27000, go to the website of ISO.




Level of security


Get the cloud security provider that gives the highest level of security that you can afford. Unfortunately, too many of them use only one firewall and one physical door. There should always be several of these so that if one fails another is sure to succeed. Another important thing to check for is chain of custody, just as when handling forensic evidence: Who handled what data when?




Is data stored onshore or offshore?


It always makes sense to have device configuration files and other data located within the law enforcement system of the country in which you operate; it is never sensible to store them elsewhere as the costs are too great. A good security provider does whatever it takes to reduce costs in this and all other areas.




Problems that might arise


Here are some of the frustrations you might encounter that should make you reconsider whether to continue using their services or not:


  • The Security Operations Center that you tried to contact to perform emergency changes will not be available at the time you need them because they are needed for a meeting with senior engineers.
  • They fail to contact you regarding incident notification when you attempt to do a penetration test on your environment.
  • You attempt to access the companyâs portal only to discover that not all of their reports and interfaces are fully functioning, and the SOC tells you that they have not indexed all of the details for which you are searching.


Author Bio:

Rosa Smith uses a cloud security company, ProfitBricks.com when working remotely on her personal blog. Cloud networking for businesses by ProfitBricks cloud security solutions is a great way to customize your businesses cloud network to fit your needs.




























The importance of security in the cloud

Just as the online world is replete with threats to a computerâs system in the forms of viruses, Trojan horses, spyware and so forth, so when a business makes use of the cloud for storing and sharing files for the many and varied benefits that it provides, it must take into account the importance of setting up and maintaining some form of cloud security. Indeed, many business owners, taking a brief first glance at this aspect of the project, become so overwhelmed by its apparent complexity that they just throw in the towel, thinking that it is just not worth it. The costs of the setup process, however, are greatly outweighed by the benefits that it brings, so cloud storage and security are now really an indispensable part of running any company. There are many businesses that specialize in providing this service and we are about to outline the steps for deciding which one to use.

Range of services offered

Cloud security providers vary in the number and types of services they provide and the wider this range, the better; you want to be able to protect your system from attacks by all sides. Managing access also adds to the complexity of the problem. Having a single company that supports HCM (human capital management), CRM (customer relationships management) and things like that. Security should be designed into the architecture of the computer system that it is meant to support so that it cannot easily be added on later.

Does this company offer services that suit my industry?

Different industries, such as health care and finance, require different types of computer security because each is at a different level of risk and has different sensitivities. Find out if the company you are looking at has compliance services geared to your industryâs risk level. The best security providers are the ones that take a look at all the regulatory requirements across the different industries and establish a kind of baseline.

To what standards does the company adhere?

The internationally accepted standard for cloud security is ISO 27000. Check to see if a particular business adheres to that standard and lay out their commitments to their customers in terms thereof. If they do, then it will be easier for you to assess what these people will do versus what other providers will offer you in the same space and make a more informed decision based on that information. For the complete text of ISO 27000, go to the website of ISO.

Level of security

Get the cloud security provider that gives the highest level of security that you can afford. Unfortunately, too many of them use only one firewall and one physical door. There should always be several of these so that if one fails another is sure to succeed. Another important thing to check for is chain of custody, just as when handling forensic evidence: Who handled what data when?

Is data stored onshore or offshore?

It always makes sense to have device configuration files and other data located within the law enforcement system of the country in which you operate; it is never sensible to store them elsewhere as the costs are too great. A good security provider does whatever it takes to reduce costs in this and all other areas.

Problems that might arise

Here are some of the frustrations you might encounter that should make you reconsider whether to continue using their services or not:

  • The Security Operations Center that you tried to contact to perform emergency changes will not be available at the time you need them because they are needed for a meeting with senior engineers.
  • They fail to contact you regarding incident notification when you attempt to do a penetration test on your environment.
  • You attempt to access the companyâs portal only to discover that not all of their reports and interfaces are fully functioning, and the SOC tells you that they have not indexed all of the details for which you are searching.


Author Bio:

Rosa Smith uses a cloud security company, ProfitBricks.com when working remotely on her personal blog. Cloud networking for businesses by ProfitBricks cloud security solutions is a great way to customize your businesses cloud network to fit your needs.

This blog is listed under Cloud Computing and IT Security & Architecture Community

Related Posts:
Post a Comment

Please notify me the replies via email.

Important:
  • We hope the conversations that take place on MyTechLogy.com will be constructive and thought-provoking.
  • To ensure the quality of the discussion, our moderators may review/edit the comments for clarity and relevance.
  • Comments that are promotional, mean-spirited, or off-topic may be deleted per the moderators' judgment.
You may also be interested in
Awards & Accolades for MyTechLogy
Winner of
REDHERRING
Top 100 Asia
Finalist at SiTF Awards 2014 under the category Best Social & Community Product
Finalist at HR Vendor of the Year 2015 Awards under the category Best Learning Management System
Finalist at HR Vendor of the Year 2015 Awards under the category Best Talent Management Software
Hidden Image Url

Back to Top