Look Beyond Security Certifications
Security certifications should certainly be on your checklist, but the truth is that the conditions required to achieve certifications are necessary, but not sufficient to ensure security. While certifications are a quick way to see if a provider has met certain industry standards, a secure environment relies on a continuous monitoring, remediation and improvement process.
Certifications are effectively point-in-time snapshots of a cloud platform and supporting processes. In the time that it takes for a certification to be achieved, audited by a third party and certified, it is entirely possible for results to be outdated before the ink is dry on the certificate. Ask your prospective provider(s) how they ensure continuous compliance, and what their policies are vis-à-vis notifications of any lapses. Favor those with the greatest transparency.
5 Ways to Keep Mission-Critical Data Safe in the Cloud
5 Ways to Keep Mission-Critical Data Safe in the Cloud
Before any company moves to the cloud, an inevitable question is asked: Will our data be secure? A 2014 IBM study found that while 85 percent of chief information security officers (CISOs) believe their company's move to the cloud is imminent, more than 40 percent also believe a significant security breach will happen at a major cloud provider.
As businesses shift their mission-critical workloads to the cloud, IT departments are tasked with not only managing company data, but also securing it. Choosing a cloud service provider that fits your security strategy is key. IT Business Edge recently spoke with Sean Jennings, co-founder and SVP of solutions architecture at Virtustream, who shared five cloud security and compliance tips for IT leaders as they transition their companies to the cloud.
