How to Assess Your Critical Cloud Service Providers

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13

How to Assess Your Critical Cloud Service Providers-8

Establish Proof of Security Testing

Once the SLA is established, it is important to make sure that both sides are clear about the nature, levels and frequency of independent security testing. As part of this, look to the CSP to provide specific documents that describe the security practices they utilize. These may include, for example, penetration of the CSP’s wired and wireless network, or its web applications. The frequency of testing should be determined based on your company’s specific needs, with quarterly or semi-annual checks as the most commonplace. Annual is not enough and leaves room for vulnerabilities to go unnoticed for too long. Likewise, monthly security testing is too frequent and would not show enough of a substantial change to identify risks or exposure points.

Previously, MetricStream's David Williamson shared best practices for how companies can keep their cloud technologies secure, including:

Prioritizing the value of your data (whether public or private).
Considering the different ways a loss event may impact your organization.
Monitoring and managing your third-party relationships with specific loss prevention protocols.
Testing your network for weaknesses, and addressing them swiftly.
Dedicating resources for information stewardship.

According to the Global State of Information Survey led by PwC US in conjunction with CIO Magazine and CSO Magazine, of 10,000 IT and security decision-makers in 127 nations, 69 percent of respondents use cloud-based security services. This number reflects that the cloud has not only proliferated, but has become a staple in the enterprise IT strategy. Given the survey results, which reveal increasing and continued growth of cloud adoption, Williamson has outlined five best practice guidelines for how companies can assess the capabilities of their critical cloud service providers (CSP).

More Slideshows

10 Reasons Why the Enterprise Is Turning to Hyperconverged Infrastructure

While HCI is certainly innovative in design, its true measure lies in the practical benefits it brings to data center management and operations. ... More >>

Data Storage Today: Key Takeaways from VMworld 2016

Survey findings include pain points for secondary storage, average restore times, the growth of hyperconvergence and rate of cloud adoption in enterprises. ... More >>

5 Best Practices for Managing Zombie Cloud Infrastructure

IT administrators need to identify zombie assets, verify idle status and shut off anything that is unused. Here's how to get your dormant infrastructure back in shape. ... More >>

Subscribe Daily Edge Newsletters

Advertiser Disclosure: Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.