Migrating IT systems to the cloud comes with a number of challenges: auditing your current IT infrastructure, prioritizing which IT systems to transfer to the cloud and, of course, choosing a cloud service provider. Currently, there is no single standard for fully evaluating the quality of cloud service providers. However, there are a few key questions you can ask when choosing a cloud provider.
Data preservation: Does the provider guarantee the safety of the clients’ information?
This issue is addressed by both the service provider and the customer. On the provider’s side, the guarantees are set out in the SLA, together with organizational and technical measures to minimize this risk. On the customer’s side, safety is ensured by the use of encryption, one of the most important and effective tools for data protection. The client can apply it at different levels: virtual hard disks, links, or the computer that is used to connect to the cloud.
Protection between the client company and the cloud provider: Does the provider ensure the safety of the data during transmission?
Cloud computing implies sharing large amounts of information over external channels. Using unprotected Internet connections is a potential security risk because attackers can gain access to the data during transmission between the client company and the cloud service provider. This problem can be solved by creating a VPN connection via IPsec, PPTP or L2TP. These technologies are recognized worldwide and guarantee a high level of reliability. The cloud service provider should use one of these technologies.
Cloud Access Control: How does the process of authentication and authorization take place?
The most common and familiar method of authentication is password protection. But it is best to use more powerful and secure methods: certificates, tokens, or two-step authentication. It is also desirable to have automatic reset of user authentication data. Security can be improved further if roles are divided among the users, so that each user receives the corresponding access rights to cloud resources.
Segregation of user applications and data: How are the data and applications of one client separated from those of others?
We have previously examined in detail an important aspect of the IaaS model: virtualization, which enables multi-tenant computing. Because clients share resources, the cloud service must provide a mechanism for separating and isolating each customer’s data from that of the others. The most reliable and safe option involves the use of individual machines, virtual networks and operating systems for each client, with segregation carried out by the hypervisor. Virtual networks should be built using proven technologies such as VLANs, which isolate the client network from the service networks of the cloud and from the private networks of other users.
Reaction to incidents: What action does the provider take in case of critical incidents?
Incident management and timely incident response are an integral part of managing the continuous operation of clouds. The purpose of this process is to minimize the probability of incidents and to reduce their negative impact on customers. The service provider must have a standardized process for detecting, identifying, analyzing and responding to incidents.
Author: This article was provided by Monitor.Us – free all-in-one cloud based IT systems monitoring service provider.
Published: June 18, 2014