Saturday, October 10, 2009

Tips on Managing Risk in the Cloud Computing

BECAUSE CLOUD PROVIDERS run in a multi-tenant environment, they create the potential or enormous risk aggregation. Just one bad actor can open up all customers to a data privacy breach or interruption of services. To avoid becoming the casualty of these kinds of disasters, here are some questions to ask cloud providers.

  • Is the provider insured, and for what kinds of breaches: data privacy, network interruptions, business interruptions, cyber-extortion loss?
  • For how much is the provider insured?Does the provider have customers in regulated industries (i.e., those governed by the Health Insurance Portability and Accountability Act or Sarbanes-Oxley)?
  • Can these customers be contacted for references?
  • Has a rogue employee ever disrupted the provider’s services?
  • How long does it take the provider to restore operations after a computer attack or unplanned system outage?
  • Within the past three years, has the provider ever been accused of a privacy violation by a business customer, consumer or government agency?
  • Does the provider have a third-party endorsement or certificate of its privacy process and practices?
  • Can it provide details?
  • Does the provider have specific privacy provisions in any subcontracting agreements?Has a third party audited the provider’s network security processes and practices?
  • Can the provider offer details?What data encryption services does the provider offer?
  • Which physical security measures does the provider have in place to control and monitor human access to its main servers and customer data?


  1. greeting for my friends
    ehm..this posting its so good,make me know more managing risk thanxs ....for getting knw U more iwas follow Ur blog,if U agree follow back me thnxs....good luck

  2. Bluehost is definitely the best hosting provider with plans for any hosting needs.