5 Security Questions to Ask Your Cloud Service Provider - iCorps
Cloud security is a hot topic of late with more and more companies being hacked exposing millions of records including names and addresses, social security numbers, and other sensitive personal information.
Cloud security is critical to cloud providers and their end users, but a significant number of smaller providers are misrepresenting their security model. When discussing security with a cloud provider ask the following questions:
1. Does the cloud provider own their own data center? Most smaller providers and some larger ones just rent space in data centers. When asking for compliance or auditing documents they will offer up the data center compliance document only. This document is relevant to the data center and their operations not the cloud vendor or their services. You should ask to see documentation and certification that is relevant to the services being offered and not the data center (although important). If they cannot provide this information; this should be considered a red flag.
This post originally appeared on LinkedIn Pulse by Jeffery Lauria, iCorps' Vice President of Technology. Jeff is a highly accomplished Information Security Executive whose experience spans over twenty years in all facets of information technology. He participates actively in the IT community focusing on cloud computing, cyber security and IT governance.