Moving to the cloud has become a necessity for most organizations today. The cloud drives digital transformation in a way that makes businesses more agile, keeps them on the cusp of innovation, and allows them to grow.
Before you can get into the cloud, however, you’ll need to choose a vendor. With so many choices out there, how can you be sure that you are selecting the right provider for your organization’s needs? Asking potential providers these crucial questions will help make the decision easier:
1. What are your cloud services?
Not every cloud vendor offers the services that your organization needs. When looking to narrow your choices down to a few providers, you should delve into the services that each prospective choice offers. There’s virtually a cloud service for any business need, but not every vendor will provide them. Whatever your organization is looking for—accounting, customer relationship management, or software as a service—you will need to choose a provider that will be a good fit.
2. How do you handle security?
You should never sign a cloud contract before asking your provider about security. Every vendor should have myriad security provisions in place to safeguard their clients’ data. More importantly, they should update their security policies regularly.
You will know that a cloud provider takes security seriously if they leverage tactics such as multi-factor authentication, firewalls, and encryption to ensure data protection. It’s also important that the vendor you choose delivers security analytics and ongoing monitoring to keep your data safe at all times.
When vetting cloud providers for security, you should also ask them about compliance. Those with SOC 2 and CCSP certifications are compliant with the latest cloud security regulations. Depending on your industry, you should also look for vendors that adhere to more specific certifications such as HIPAA or PCI DSS.
3. Where will you house my organization’s data?
You may access your organization’s data through the cloud, but remember, the cloud isn’t some amorphous entity that resides somewhere on the Internet. Cloud providers rely on physical data centers to host and store your information. As such, you should ask prospective vendors about the location of their data centers. You should then ask to take a tour of the facility (if possible) to get a close look at how they run things and, more importantly, how they keep it secure. Ask about what they have in place to protect against natural disasters, thieves, and other physical threats to your data.
4. What happens in the event of data loss?
No cloud user wants to think about losing their data, which makes it all the more important to ask your cloud vendor about what steps they’ll take should data loss occur. Look closely at vendors’ data protection policies and how they implement them, conducting your own due diligence to assess their efficacy.
You should also look at your service level agreement (SLA) and see what it says about data loss. What provisions have been laid out in the event this scenario occurs? Most providers will put data redundancies in place to ensure that this never happens. In the rare case that it does, however, what will the vendor do to fix the issue? In many cases, they will provide compensation for lost data.
5. What is your uptime guarantee?
Asking cloud providers about their uptime guarantee can have a tremendous effect on your business continuity in the future. Ninety-nine percent uptime may sound excellent, but it actually meant that you’d be facing about three days of downtime every single year. With 99.99 percent uptime, however, your cloud system will only be down for an hour. Once again, you should use your SLA to outline the amount of downtime that is acceptable to your organization.
You should also ask each cloud vendor about their service outages. How frequent are they? How long does it typically take to resume service as normal when one occurs? Don’t forget to inquire about scheduled outages, such as those that allow for system maintenance.
6. Who has access to our data?
It can be daunting to entrust a third party with your organization’s data. You can alleviate some of your concerns by asking your provider about who exactly will be able to access your data. Typically, all admins will be capable of seeing the information housed in your cloud system. You should determine how much control this gives your provider over the data you store in their data centers.
If you’re leveraging public cloud services, then you should also ask providers about the steps they take to keep each client’s data separate. The vendor you choose should implement stringent protocols to mitigate data leakage and keep your information safe from prying eyes.
7. How do I move to another provider?
It’s never too early to start thinking about cloud exit planning, even when you haven’t selected a provider yet. As you weigh your options, you must ask the right questions about what will happen if and when you want to migrate your data to another cloud provider. It’s easy to move your data into a vendor’s cloud environment, but many of them still make it difficult to repatriate to another cloud. Some will even maintain control over your data until you pay to move each file off of their servers. As such, you should ask each potential vendor about their policy for cloud repatriation—and make sure to get any agreed-upon terms in writing.