May 26, 2019

5 Data Security Questions To Ask A Cloud Vendor

cloud vendor, data security

Data Security in the Clouds

Do you know the data security questions you should ask a cloud vendor? Zephyr Networks understands how important it is for a company to be able to trust a cloud vendor. When you are allowing an external party to safeguard the essential data and proprietary information that forms the backbone of your business, you need to be confident in their capabilities. Although not comprehensive, the 5 data security questions below can help any business validate whether or not they want to work with a potential new cloud vendor.

5 Data Security Questions To Ask A Cloud Vendor

1) Does the cloud vendor implement controls to segregate your data from other client companies?

Since cloud vendors tend to base their business on a multi-client model, the addition of other companies opens the door to a greater possibility of attack. If a multi-client server is not properly secured, a flaw in one client application could allow an attacker access to your company’s data. This is why it is essential for each client company to be safely segregated from the others on any cloud-based server.

2) Does the cloud vendor regularly encrypt and test its backups?

If a cloud vendor does not test its backups on a regular basis and update the necessary encryption, such backups are theoretically useless. Cloud-computing server backups need to be regularly tested, monitored and encrypted with the latest data security updates.

3) Does the cloud vendor have a reliable disaster recovery and business continuity plan for its data housing server sites?

When it comes to data recovery plans and business continuity strategies, your company cannot take a chance in the internet age of 24-hour business opportunities. Make sure any cloud vendor your company chooses to work with has a reliable disaster recovery and business continuity plan to ensure the safety of your data.

4) Does the cloud vendor follow data destruction processes for computer equipment and storage devices that ensures the zeroing out of all confidential information?

Before you enter into an agreement with a cloud vendor, ask them about their data destruction process. Do they take all the necessary steps to zero out confidential information on decommissioned computer equipment and storage devices? If you move on later, will your confidential information be thoroughly wiped from their servers?

5) Can the cloud vendor provide relevant certificates and applicable compliance certifications?

There is a vast array of compliance certifications for cloud vendors that include the following; ITIL, COBIT, ISO 2700, and many more. If a cloud vendor claims to be in such compliance, ask them to show you the relevant certificates and applicable compliance certifications? If they can’t do this, there most likely is a problem.

Cloud Vendor Relationship Managed

As a proponent of cloud-based solutions, Zephyr Networks has the experience needed by our clients to secure and ensure their valuable company data. We consistently negotiate and manage a client’s relationship with a cloud vendor.  To learn more about how we can help you with cloud-based storage, data security and network security solutions, please call Zephyr Networks toll free at (800) 884-7559 or fill out our handy contact form.