|By Jim Potter||
|January 20, 2014 07:00 AM EST||
Recent reports of a massive data breach affecting popular sites like Facebook, Twitter, Google and Yahoo have many companies rethinking security practices and wondering how to protect vital data. If your company uses cloud services to conduct business and manage data or is contemplating a hosting partnership, it's natural to wonder if your service provider is taking all the steps necessary to keep your confidential information secure.
It's an important issue: Cloud resources are becoming a must-have service for businesses since they offer scalability without requiring a massive investment in hardware. But before choosing a cloud service provider, it's crucial to make sure the company can deliver the security your business needs. Here are some questions to keep in mind when making an evaluation:
What kind of physical security does my cloud hosting partner maintain?
Assess your cloud service provider's physical security safeguards, including controls on facility entry, login access restrictions, CCTV monitoring capabilities, limits on who can access internal systems and administrative functions.
What assurances does the provider offer around confidentiality?
A reputable hosting partner will conduct background checks on employees who handle confidential data and require staff to sign confidentiality agreements. They will also restrict credentials so that only employees who need access can handle your data.
How are firewalls structured, and what other network security measures are in place?
Virtually all hosting providers have a firewall infrastructure in place, but it's a good idea to ask about how it's configured and whether there's an additional charge for the service. Also ask how frequently audits are conducted and what additional network security is in place.
How does the cloud service provider keep software secure?
Many security breaches occur due to software issues, so ask your hosting partner about auditing and find out how often they update security patches. Inquire about automatic update installation and reboots as well to see if these are permitted.
Does the cloud hosting company submit to audits from independent agencies?
One way companies can demonstrate compliance is by submitting to independent audits. SSAE 16 standards verify that an independent auditor assessed the company to make sure their service description matches their organization system.
What backup and redundancy capabilities are available?
Another good question for cloud service providers is what volume of backup space they maintain and how long they keep stored data. Also ask about the cloud infrastructure - specifically inquire about performance levels and system availability as well as failover capabilities and use of redundant clusters.
What kind of protection is available for data during transmission?
It's crucial to make sure confidential information like passwords and client information remain secure during transmission. Ask the company about how firewalls protect this information and if data is protected by VPN encryption. Also inquire about remote access and the use of SSL for logins.
Is it possible to connect physical and virtual resources?
To maintain tight security, potential hosting partners may require safeguards for physical servers that interact with cloud assets. Ask if this can be configured so that you can use both solutions in a single environment for greater efficiency.
What kind of Service Level Agreements (SLAs) are offered?
It's important to pay close attention to the SLAs a cloud service provider offers since this is how providers define their services and describe the performance levels you can expect. Make sure your hosting partner backs promises up with SLAs.
Companies are increasingly using hosted cloud services because it enables them to do more with less and expand capabilities without huge investments in infrastructure. But hacking is on the rise, so it's crucial to make sure a prospective cloud provider offers robust security.
If you're currently using cloud services or thinking about partnering with a hosting provider, take the time to investigate the security measures the company uses to keep client data safe. It takes a bit of time and effort, but it's well worth it to avoid a costly data breach.
Father business cycles and digital consumers are forcing enterprises to respond faster to customer needs and competitive demands. Successful integration of DevOps and Agile development will be key for business success in today’s digital economy. In his session at DevOps Summit, Pradeep Prabhu, Co-Founder & CEO of Cloudmunch, covered the critical practices that enterprises should consider to seamlessly integrate Agile and DevOps processes, barriers to implementing this in the enterprise, and pr...
Feb. 6, 2016 07:30 AM EST Reads: 264
In most cases, it is convenient to have some human interaction with a web (micro-)service, no matter how small it is. A traditional approach would be to create an HTTP interface, where user requests will be dispatched and HTML/CSS pages must be served. This approach is indeed very traditional for a web site, but not really convenient for a web service, which is not intended to be good looking, 24x7 up and running and UX-optimized. Instead, talking to a web service in a chat-bot mode would be muc...
Feb. 6, 2016 07:30 AM EST Reads: 146
More and more companies are looking to microservices as an architectural pattern for breaking apart applications into more manageable pieces so that agile teams can deliver new features quicker and more effectively. What this pattern has done more than anything to date is spark organizational transformations, setting the foundation for future application development. In practice, however, there are a number of considerations to make that go beyond simply “build, ship, and run,” which changes ho...
Feb. 6, 2016 07:15 AM EST Reads: 117
SYS-CON Events announced today that Interoute, owner-operator of one of Europe's largest networks and a global cloud services platform, has been named “Bronze Sponsor” of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2015 at the Javits Center in New York, New York. Interoute is the owner-operator of one of Europe's largest networks and a global cloud services platform which encompasses 12 data centers, 14 virtual data centers and 31 colocation centers, with connections to 195 ad...
Feb. 6, 2016 05:00 AM EST Reads: 311
Most people haven’t heard the word, “gamification,” even though they probably, and perhaps unwittingly, participate in it every day. Gamification is “the process of adding games or game-like elements to something (as a task) so as to encourage participation.” Further, gamification is about bringing game mechanics – rules, constructs, processes, and methods – into the real world in an effort to engage people. In his session at @ThingsExpo, Robert Endo, owner and engagement manager of Intrepid D...
Feb. 5, 2016 09:00 PM EST Reads: 753
Advances in technology and ubiquitous connectivity have made the utilization of a dispersed workforce more common. Whether that remote team is located across the street or country, management styles/ approaches will have to be adjusted to accommodate this new dynamic. In his session at 17th Cloud Expo, Sagi Brody, Chief Technology Officer at Webair Internet Development Inc., focused on the challenges of managing remote teams, providing real-world examples that demonstrate what works and what do...
Feb. 5, 2016 07:00 PM EST Reads: 154
SYS-CON Events announced today that Pythian, a global IT services company specializing in helping companies adopt disruptive technologies to optimize revenue-generating systems, has been named “Bronze Sponsor” of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2015 at the Javits Center in New York, New York. Founded in 1997, Pythian is a global IT services company that helps companies compete by adopting disruptive technologies such as cloud, Big Data, advanced analytics, and DevO...
Feb. 5, 2016 04:00 PM EST Reads: 114
One of the bewildering things about DevOps is integrating the massive toolchain including the dozens of new tools that seem to crop up every year. Part of DevOps is Continuous Delivery and having a complex toolchain can add additional integration and setup to your developer environment. In his session at @DevOpsSummit at 18th Cloud Expo, Miko Matsumura, Chief Marketing Officer of Gradle Inc., will discuss which tools to use in a developer stack, how to provision the toolchain to minimize onboa...
Feb. 5, 2016 04:00 PM EST
With microservices, SOA and distributed architectures becoming more popular, it is becoming increasingly harder to keep track of where time is spent in a distributed application when trying to diagnose performance problems. Distributed tracing systems attempt to address this problem by following application requests across service boundaries, persisting metadata along the way that provide context for fine-grained performance monitoring.
Feb. 5, 2016 03:45 PM EST Reads: 770
With an estimated 50 billion devices connected to the Internet by 2020, several industries will begin to expand their capabilities for retaining end point data at the edge to better utilize the range of data types and sheer volume of M2M data generated by the Internet of Things. In his session at @ThingsExpo, Don DeLoach, CEO and President of Infobright, will discuss the infrastructures businesses will need to implement to handle this explosion of data by providing specific use cases for filte...
Feb. 5, 2016 03:00 PM EST
SYS-CON Events announced today that Men & Mice, the leading global provider of DNS, DHCP and IP address management overlay solutions, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. The Men & Mice Suite overlay solution is already known for its powerful application in heterogeneous operating environments, enabling enterprises to scale without fuss. Building on a solid range of diverse platform support,...
Feb. 5, 2016 02:45 PM EST Reads: 104
SYS-CON Events announced today that Fusion, a leading provider of cloud services, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Fusion, a leading provider of integrated cloud solutions to small, medium and large businesses, is the industry's single source for the cloud. Fusion's advanced, proprietary cloud service platform enables the integration of leading edge solutions in the cloud, including clou...
Feb. 5, 2016 02:30 PM EST Reads: 695
SYS-CON Events announced today that AppNeta, the leader in performance insight for business-critical web applications, will exhibit and present at SYS-CON's @DevOpsSummit at Cloud Expo New York, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. AppNeta is the only application performance monitoring (APM) company to provide solutions for all applications – applications you develop internally, business-critical SaaS applications you use and the networks that deli...
Feb. 5, 2016 01:30 PM EST Reads: 313
SYS-CON Events announced today that Commvault, a global leader in enterprise data protection and information management, has been named “Bronze Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY, and the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Commvault is a leading provider of data protection and information management...
Feb. 5, 2016 01:30 PM EST Reads: 329
The maker of automated server migration software reports sales bookings increased 460 percent year-over-year and last week IDC forecast spending on public cloud services will grow to more than $141 billion in 2019. Seems (at last) we are at the tipping point where enterprises are adopting cloud in a big way opening opportunities for those who can help with the transition.
Feb. 5, 2016 01:27 PM EST