Data is only as safe as the monitoring and safeguards that are put into place to protect it, so it's important to ask the cloud provider what they use to protect a customer's data and what security packages are available as add-ons.
Data encryption is a layer of security that can reduce the likelihood of it being compromised, but is the encryption only available at rest or also in transit? Data-at-rest encryption protects the data where it is stored – on disk drives. If the network communications are not encrypted, then the data is at risk while it is transferred.
Moving further up the stack from the storage and compute resources, what measures are being taken to ensure unauthorized users are not allowed access into the cloud? Security monitoring and intrusion detection tools can look for patterns of failed access attempts and block those individuals from attempting access. These same types of tools can look for strange behaviors and lock down user access whenever an unexpected or questionable event takes place. Overall, it's up to you to determine how much security you need based on whether the data you are housing requires that you meet certain compliance requirements or whether it is data that is not in need of tight security.
Are you thinking about moving your business to the cloud? If so, you'll need a cloud provider. The provider needs to be a partner that will collaborate with you on design, and build and support a tailored solution that meets your business requirements for security, compliance, reliability and customization. But how do you determine which provider is right for your business? Knowing the right questions to ask is half the battle. In this slideshow, Concerto Cloud Services has identified five questions organizations should pose to prospective service providers during the selection process. Charting this information on a scorecard with which you can base your final decision is a recommended way to approach the process.