Top Six Security Questions Every CIO Should Ask a Cloud Vendor
Blog Article Published: 02/23/2011
By Ian Huynh, Vice President of Engineering, Hubspan Cloud computing has become an integrated part of IT strategy for companies in every sector of our economy. By 2012, IDC predicts that IT spending on cloud services will grow almost threefold to $42 billion. So it’s no surprise that decision makers no longer wonder “if” they can benefit from cloud computing. Instead, the question being asked now is “how” best to leverage the cloud while keeping data and systems secure. With such an astounding amount of cloud computing growth expected in the next few years, it’s important for all executives, not just IT professionals, to understand the opportunities and precautions when considering a cloud solution. Security questions can span from whether information transferred between systems in the cloud is safe to what type of data is best stored in the cloud to how do I control who accesses my data? It’s important to arm executives with actionable advice when considering a cloud computing service provider. Below is a list of the top six questions every CIO should consider when evaluating how secure a cloud solution is:
- 1. How does your vendor plan on securing your data?
- 2. Do they secure the transactional data as well as the data at rest?
- Does the vendor follows secure development principles?
- 4. What are the vendor’s security certifications, audits and compliance mandates?
- 5. How does your vendor detect a compromise or intrusion?
- 6. What are their disaster recovery plans and how does data security figure into those plans?