Many consumers and businesses are flocking to cloud computing as they
see an opportunity to compete on equal footing with well established
firms with big IT infrastructure. Even though there are apprehensions
in the minds of clould computing customers, partly due to the myths
promoted by some pundits and vendors whose core business is threatened
by the proliferation of cloud based services, we are seeing a constant
uptick in the customer adoption of cloud technologies.
Cloud computing
offers major opportunities but it also offer some challenges. Even
though I disagree strongly with the myths promoted by the naysayers of
cloud computing, I do understand and realize that the customers should
take an educated approach towards cloud adoption. In this post, I am
going to discuss some of the issues the customers should take care
while moving their data and apps to the web. The customers should ask
some tough questions to the vendors in order to ensure that their data is safe.
Anyone
who is planning to move to cloud based computing , should ask the
following questions to the vendors before trusting their data with
them. This is not an exhaustive list by any means but a good starting
point. The needs of every customer will be unique and the questions
should be tailored to cover specific requirements.
- What
is vendor's approach to the security of their infrastructure? Don't
expect any vendor to share the nuts and bolts of their infrastructure
security. However, they should be able to offer an overview of their
approach.
- What are the security procedures that are in
place to protect the data center? How many employees have access to the
data on their infrastructure and how well they are vetted?
- What
are the encryption technologies used by the vendors to authenticate
users to the services? What level of encryption do vendors offer to
their customers to protect their data?
- How secure are their SaaS apps and do they work with any independent security group to establish the security of their app code?
- What are their terms when it comes to ownership of data?
- How easy it is to export the data from their service in order to move to a new service? Are there any extra charges for exporting the data out of a cloud vendor's service?
- Do they delete the data completely when the customer deletes it from their web service?
- What
is their privacy policy? Do they use customer's data to promote their
business interests like offering advertisements based on the data
content, selling the customer behavior/information for third party
marketing, etc..
- What is their policy when law enforcement sends
a subpoena to grab the customer data? Are they going to hand over the
data on a golden platter or are they going to take the fight all the
way to offer as much protection as possible from the big brother?
- Courts are still not sure of how they treat data in the cloud vis a vis data on the personal desktops. Customers should prod the cloud vendors into taking initiatives to change the existing laws and to offer better protection for the data in the cloud.
- How many copies of customer's data do the vendors keep and are they stored in geographically separated regions?
- If they are stored in geographically diverse regions, what are the countries where the data resides and what are the laws governing security and privacy of user data in those countries?
- Do they offer SLA for their services?
These
are some of the questions which the business customers should
definitely ask the cloud vendors. Individual consumers may not bother
about many of the questions listed above. However, these questions, and
few others based on the individual business needs, are very important
for customers in the SMB segment before they trust them with their
business data. It is also advisable for the cloud vendors to tackle
such questions in the format of a FAQ and such an approach will help
motivate more and more people into moving their data to the clouds.
Post Comment