Welcome!

SDN Journal Authors: Elizabeth White, David Paquette, Olivier Huynh Van, Pat Romanski, Dana Gardner

Related Topics: @CloudExpo, Microservices Expo, Cloud Security, @BigDataExpo, SDN Journal, @DevOpsSummit

@CloudExpo: Article

Cloud Security Checklist: Make Sure Your Data Is Safe

Cloud resources are becoming a must-have service for businesses since they offer scalability

Recent reports of a massive data breach affecting popular sites like Facebook, Twitter, Google and Yahoo have many companies rethinking security practices and wondering how to protect vital data. If your company uses cloud services to conduct business and manage data or is contemplating a hosting partnership, it's natural to wonder if your service provider is taking all the steps necessary to keep your confidential information secure.

It's an important issue: Cloud resources are becoming a must-have service for businesses since they offer scalability without requiring a massive investment in hardware. But before choosing a cloud service provider, it's crucial to make sure the company can deliver the security your business needs. Here are some questions to keep in mind when making an evaluation:

What kind of physical security does my cloud hosting partner maintain?
Assess your cloud service provider's physical security safeguards, including controls on facility entry, login access restrictions, CCTV monitoring capabilities, limits on who can access internal systems and administrative functions.

What assurances does the provider offer around confidentiality?
A reputable hosting partner will conduct background checks on employees who handle confidential data and require staff to sign confidentiality agreements. They will also restrict credentials so that only employees who need access can handle your data.

How are firewalls structured, and what other network security measures are in place?
Virtually all hosting providers have a firewall infrastructure in place, but it's a good idea to ask about how it's configured and whether there's an additional charge for the service. Also ask how frequently audits are conducted and what additional network security is in place.

How does the cloud service provider keep software secure?
Many security breaches occur due to software issues, so ask your hosting partner about auditing and find out how often they update security patches. Inquire about automatic update installation and reboots as well to see if these are permitted.

Does the cloud hosting company submit to audits from independent agencies?
One way companies can demonstrate compliance is by submitting to independent audits. SSAE 16 standards verify that an independent auditor assessed the company to make sure their service description matches their organization system.

What backup and redundancy capabilities are available?
Another good question for cloud service providers is what volume of backup space they maintain and how long they keep stored data. Also ask about the cloud infrastructure - specifically inquire about performance levels and system availability as well as failover capabilities and use of redundant clusters.

What kind of protection is available for data during transmission?
It's crucial to make sure confidential information like passwords and client information remain secure during transmission. Ask the company about how firewalls protect this information and if data is protected by VPN encryption. Also inquire about remote access and the use of SSL for logins.

Is it possible to connect physical and virtual resources?
To maintain tight security, potential hosting partners may require safeguards for physical servers that interact with cloud assets. Ask if this can be configured so that you can use both solutions in a single environment for greater efficiency.

What kind of Service Level Agreements (SLAs) are offered?
It's important to pay close attention to the SLAs a cloud service provider offers since this is how providers define their services and describe the performance levels you can expect. Make sure your hosting partner backs promises up with SLAs.

Companies are increasingly using hosted cloud services because it enables them to do more with less and expand capabilities without huge investments in infrastructure. But hacking is on the rise, so it's crucial to make sure a prospective cloud provider offers robust security.

If you're currently using cloud services or thinking about partnering with a hosting provider, take the time to investigate the security measures the company uses to keep client data safe. It takes a bit of time and effort, but it's well worth it to avoid a costly data breach.

More Stories By Jim Potter

Jim Potter is Vice President of Product Management at Hostway. He leads the product management and product marketing activities for the cloud hosting service provider.

Comments (2)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@CloudExpo Stories
One of biggest questions about Big Data is “How do we harness all that information for business use quickly and effectively?” Geographic Information Systems (GIS) or spatial technology is about more than making maps, but adding critical context and meaning to data of all types, coming from all different channels – even sensors. In his session at @ThingsExpo, William (Bill) Meehan, director of utility solutions for Esri, will take a closer look at the current state of spatial technology and ar...
According to Forrester Research, every business will become either a digital predator or digital prey by 2020. To avoid demise, organizations must rapidly create new sources of value in their end-to-end customer experiences. True digital predators also must break down information and process silos and extend digital transformation initiatives to empower employees with the digital resources needed to win, serve, and retain customers.
A strange thing is happening along the way to the Internet of Things, namely far too many devices to work with and manage. It has become clear that we'll need much higher efficiency user experiences that can allow us to more easily and scalably work with the thousands of devices that will soon be in each of our lives. Enter the conversational interface revolution, combining bots we can literally talk with, gesture to, and even direct with our thoughts, with embedded artificial intelligence, wh...
19th Cloud Expo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Meanwhile, 94% of enterpri...
Complete Internet of Things (IoT) embedded device security is not just about the device but involves the entire product’s identity, data and control integrity, and services traversing the cloud. A device can no longer be looked at as an island; it is a part of a system. In fact, given the cross-domain interactions enabled by IoT it could be a part of many systems. Also, depending on where the device is deployed, for example, in the office building versus a factory floor or oil field, security ha...
Ask someone to architect an Internet of Things (IoT) solution and you are guaranteed to see a reference to the cloud. This would lead you to believe that IoT requires the cloud to exist. However, there are many IoT use cases where the cloud is not feasible or desirable. In his session at @ThingsExpo, Dave McCarthy, Director of Products at Bsquare Corporation, will discuss the strategies that exist to extend intelligence directly to IoT devices and sensors, freeing them from the constraints of ...
Let’s face it, embracing new storage technologies, capabilities and upgrading to new hardware often adds complexity and increases costs. In his session at 18th Cloud Expo, Seth Oxenhorn, Vice President of Business Development & Alliances at FalconStor, discussed how a truly heterogeneous software-defined storage approach can add value to legacy platforms and heterogeneous environments. The result reduces complexity, significantly lowers cost, and provides IT organizations with improved efficienc...
Businesses are struggling to manage the information flow and interactions between all of these new devices and things jumping on their network, and the apps and IT systems they control. The data businesses gather is only helpful if they can do something with it. In his session at @ThingsExpo, Chris Witeck, Principal Technology Strategist at Citrix, will discuss how different the impact of IoT will be for large businesses, expanding how IoT will allow large organizations to make their legacy ap...
24Notion is full-service global creative digital marketing, technology and lifestyle agency that combines strategic ideas with customized tactical execution. With a broad understand of the art of traditional marketing, new media, communications and social influence, 24Notion uniquely understands how to connect your brand strategy with the right consumer. 24Notion ranked #12 on Corporate Social Responsibility - Book of List.
Why do your mobile transformations need to happen today? Mobile is the strategy that enterprise transformation centers on to drive customer engagement. In his general session at @ThingsExpo, Roger Woods, Director, Mobile Product & Strategy – Adobe Marketing Cloud, covered key IoT and mobile trends that are forcing mobile transformation, key components of a solid mobile strategy and explored how brands are effectively driving mobile change throughout the enterprise.
SYS-CON Events announced today that CDS Global Cloud, an Infrastructure as a Service provider, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. CDS Global Cloud is an IaaS (Infrastructure as a Service) provider specializing in solutions for e-commerce, internet gaming, online education and other internet applications. With a growing number of data centers and network points around the world, ...
In this strange new world where more and more power is drawn from business technology, companies are effectively straddling two paths on the road to innovation and transformation into digital enterprises. The first path is the heritage trail – with “legacy” technology forming the background. Here, extant technologies are transformed by core IT teams to provide more API-driven approaches. Legacy systems can restrict companies that are transitioning into digital enterprises. To truly become a lea...
SYS-CON Events announced today that LeaseWeb USA, a cloud Infrastructure-as-a-Service (IaaS) provider, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. LeaseWeb is one of the world's largest hosting brands. The company helps customers define, develop and deploy IT infrastructure tailored to their exact business needs, by combining various kinds cloud solutions.
Technology vendors and analysts are eager to paint a rosy picture of how wonderful IoT is and why your deployment will be great with the use of their products and services. While it is easy to showcase successful IoT solutions, identifying IoT systems that missed the mark or failed can often provide more in the way of key lessons learned. In his session at @ThingsExpo, Peter Vanderminden, Principal Industry Analyst for IoT & Digital Supply Chain to Flatiron Strategies, will focus on how IoT de...
Big Data has been changing the world. IoT fuels the further transformation recently. How are Big Data and IoT related? In his session at @BigDataExpo, Tony Shan, a renowned visionary and thought leader, will explore the interplay of Big Data and IoT. He will anatomize Big Data and IoT separately in terms of what, which, why, where, when, who, how and how much. He will then analyze the relationship between IoT and Big Data, specifically the drilldown of how the 4Vs of Big Data (Volume, Variety,...
Cloud computing is being adopted in one form or another by 94% of enterprises today. Tens of billions of new devices are being connected to The Internet of Things. And Big Data is driving this bus. An exponential increase is expected in the amount of information being processed, managed, analyzed, and acted upon by enterprise IT. This amazing is not part of some distant future - it is happening today. One report shows a 650% increase in enterprise data by 2020. Other estimates are even higher....
The Internet of Things can drive efficiency for airlines and airports. In their session at @ThingsExpo, Shyam Varan Nath, Principal Architect with GE, and Sudip Majumder, senior director of development at Oracle, will discuss the technical details of the connected airline baggage and related social media solutions. These IoT applications will enhance travelers' journey experience and drive efficiency for the airlines and the airports. The session will include a working demo and a technical d...
DevOps at Cloud Expo – being held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA – announces that its Call for Papers is open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's largest enterprises – and delivering real results. Am...
There is little doubt that Big Data solutions will have an increasing role in the Enterprise IT mainstream over time. Big Data at Cloud Expo - to be held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA - has announced its Call for Papers is open. Cloud computing is being adopted in one form or another by 94% of enterprises today. Tens of billions of new devices are being connected to The Internet of Things. And Big Data is driving this bus. An exponential increase is...
Adobe is changing the world though digital experiences. Adobe helps customers develop and deliver high-impact experiences that differentiate brands, build loyalty, and drive revenue across every screen, including smartphones, computers, tablets and TVs. Adobe content solutions are used daily by millions of companies worldwide-from publishers and broadcasters, to enterprises, marketing agencies and household-name brands. Building on its established design leadership, Adobe enables customers not o...