Saturday, October 10, 2009

Tips on Managing Risk in the Cloud Computing

BECAUSE CLOUD PROVIDERS run in a multi-tenant environment, they create the potential or enormous risk aggregation. Just one bad actor can open up all customers to a data privacy breach or interruption of services. To avoid becoming the casualty of these kinds of disasters, here are some questions to ask cloud providers.

  • Is the provider insured, and for what kinds of breaches: data privacy, network interruptions, business interruptions, cyber-extortion loss?
  • For how much is the provider insured?Does the provider have customers in regulated industries (i.e., those governed by the Health Insurance Portability and Accountability Act or Sarbanes-Oxley)?
  • Can these customers be contacted for references?
  • Has a rogue employee ever disrupted the provider’s services?
  • How long does it take the provider to restore operations after a computer attack or unplanned system outage?
  • Within the past three years, has the provider ever been accused of a privacy violation by a business customer, consumer or government agency?
  • Does the provider have a third-party endorsement or certificate of its privacy process and practices?
  • Can it provide details?
  • Does the provider have specific privacy provisions in any subcontracting agreements?Has a third party audited the provider’s network security processes and practices?
  • Can the provider offer details?What data encryption services does the provider offer?
  • Which physical security measures does the provider have in place to control and monitor human access to its main servers and customer data?

2 comments:

  1. greeting for my friends
    ehm..this posting its so good,make me know more managing risk thanxs ....for getting knw U more iwas follow Ur blog,if U agree follow back me thnxs....good luck

    ReplyDelete
  2. Bluehost is definitely the best hosting provider with plans for any hosting needs.

    ReplyDelete