Saturday, January 10, 2015

Is your data safe in the cloud?

Image

We all have heard that the cloud is supposed to save us time and money, but are we sacrificing data security, and protection by migrating our servers to the cloud?  The short answer is, it depends.  There seems to be a new hosting provider on the market every day promising low prices, highest levels of uptime, and secure data protection all in a public cloud, hybrid cloud, or private cloud configuration.  Before you get all caught up in the marketing departments attempt to promise you the world, you really need to do some homework before you trust your company’s data to some guy in a basement.  So what do you need to look for?
How long has the hosting company been in business?  This is important.  Often times you will see startup hosting company’s that have only been in business for 6 months to a year looking to build a name for themselves offer really low prices.  While this is great, it’s EXTREMELY difficult for small company’s to remain competitive with company’s like Navisite, Rackspace, Ubistor, and Amazon etc. just to name a few.  These big players purchase servers by the pallet and truck load , and can offer you the best possible pricing on hardware.  The last thing you want is to trust your data to a small organization that may go out of business in the next 12 months.
What type of infrastructure is your data hosted on?   Just because someone says your data is hosted “in the cloud”, it doesn’t mean that they have built out this extravagant datacenter with redundant servers, multiple backup and disaster recovery solutions, subject matter experts etc.  It’s a scary thought, however I have seen some IT providers call a single, under powered server running VMWare or Hyper-V , with no backup or disaster recovery solution, market their product as a cloud offering.  While their prices are EXTREMELY low, you certainly get what you pay for.
Instead of just looking at the bottom line, look at what the company has to offer.  For example, choosing a company that can provide me with the results of an SSAE 16 audit, and has had all their internal controls  (backup solutions, infrastructure redundancy, security, policies and procedures etc.) validated and published by a third party firm will certainly make me feel more comfortable than a piece of marketing material.  It’s also important to note that anyone can put a server in a datacenter that is SSAE 16 certified.  Do not confuse a datacenter certification with a service organization being certified.
How is my data protected from a datacenter outage?   Another assumption that organizations have is that if they migrate their servers to the cloud, they will never experience an outage.  While most cloud providers have geo-redundant datacenters with redundant power, internet, servers etc. there are rare instances where the datacenter may experience an outage.  Most cloud providers will offer you the ability to replicate your servers to another datacenter of theirs, however at a certain cost.  If you need datacenter availability, be sure to ask your hosting provider what your options are.
If you are in the market to migrate your servers to the cloud, I would be leverage a cloud hosting provider that has been in business for a while that has multiple datacenters, and preferably SSAE 16 certifications along with clearly defined service level agreements.  At Project Leadership Associates, we have partnered with some of the best names in the cloud hosting industry, and have validated the infrastructure and service offerings of each before we recommend them to our clients.  We position ourselves as a vendor agnostic cloud advisor and can recommend the best solution for your specific needs.

No comments:

Post a Comment