How to Assess Your Critical Cloud Service Providers

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13
Next How to Assess Your Critical Cloud Service Providers-10 Next

Right to Audit

It is also imperative to include the right to audit within the CSP contract. The right to audit provides your company with another layer of trust in the CSP’s ability to suitably manage sensitive data. Specifically, your service agreement should include two clauses: 1) The right to inspect physical infrastructure and data facilities in person, and 2) The right to test (including security scanning). Note that many CSPs do not favor the latter form of auditing as it reveals how difficult (or easy) it would be to break into their networks. Third parties also commonly conduct independent CSP audits, and it should be noted in your service agreement that your organization be given complete access to those reports.

In the event that the CSP fails any of these audits, they should be granted a period to improve. If there is no progress following this timeframe, your company has the right to terminate the relationship and retrieve your data.

Previously, MetricStream's David Williamson shared best practices for how companies can keep their cloud technologies secure, including:

  • Prioritizing the value of your data (whether public or private).
  • Considering the different ways a loss event may impact your organization.
  • Monitoring and managing your third-party relationships with specific loss prevention protocols.
  • Testing your network for weaknesses, and addressing them swiftly.
  • Dedicating resources for information stewardship.

According to the Global State of Information Survey led by PwC US in conjunction with CIO Magazine and CSO Magazine, of 10,000 IT and security decision-makers in 127 nations, 69 percent of respondents use cloud-based security services. This number reflects that the cloud has not only proliferated, but has become a staple in the enterprise IT strategy. Given the survey results, which reveal increasing and continued growth of cloud adoption, Williamson has outlined five best practice guidelines for how companies can assess the capabilities of their critical cloud service providers (CSP).

 

Related Topics : IBM Looks to Redefine Industry Standard Servers, APC, Brocade, Citrix Systems, Data Center

 
More Slideshows

DataM63-290x195 Data Storage Today: Key Takeaways from VMworld 2016

Survey findings include pain points for secondary storage, average restore times, the growth of hyperconvergence and rate of cloud adoption in enterprises.  ...  More >>

cloud51-190x128 5 Best Practices for Managing Zombie Cloud Infrastructure

IT administrators need to identify zombie assets, verify idle status and shut off anything that is unused. Here's how to get your dormant infrastructure back in shape. ...  More >>

infra100-190x128 Top 10 Strategic Technology Trends for 2017

Here are the top 10 strategic technology trends that will impact most organizations in 2017. Strategic technology trends are defined as those with substantial disruptive potential or those reaching the tipping point over the next five years. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.