Step 7: Choose the Right Cloud Service Provider Choosing a cloud service provider is complicated on many levels—from the cloud delivery model and architecture to specific applications. Add to that the countless interdependencies and relationships, both technological and business-related, among vendors. To complicate matters, some companies offer not only software, but also hardware and services. Nevertheless, you must be vigilant about making sure the security you need to protect your data and platform are part of the offering. At the highest level, you need to know if the cloud provider can provide evidence of data and platform protections for the services they provide. Once you are comfortable that your criteria can be met, you can establish measurable, enforceable SLAs to provide ongoing verification. The following is a list9 of additional security considerations to think about when choosing a cloud service provider. Security Selection Criteria Data center risk management and security practices Considerations What are the patch management policies and procedures? How does technology architecture and infrastructure impact the cloud service provider’s ability to meet SLAs? Can the cloud service provider offer trusted pools for your most sensitive workloads? Is encryption a software-only solution? How are systems, data, networks, management, provisioning, and personnel segmented? Are the controls segregating each layer of the infrastructure properly integrated so they do not interfere with each other? For example, investigate whether the storage compartmentalization can easily be bypassed by management tools or poor key management. What cloud access and identity protocols are used? How are attacks monitored and documented? How quickly can the cloud service provider respond? What recovery methods are used? How does the cloud service provider handle resource democratization and dynamism to best predict proper levels of system availability and performance through normal business fluctuations? How does the cloud service provider measure performance? Is the cloud service provider financially stable? How long has the vendor been in business? What is their current financial standing? Hardware-based security Technology segmentation Attack response and recovery System availability and performance Vendor financial stability 9 Adapted and expanded from How to Choose a Cloud Computing Vendor. Inc.com (November 29, 2010). inc.com/guides/2010/11/how-to-choose-a-cloud-computing-vendor.html 17 Intel IT Center Planning Guide | Cloud Security
Cloud Computing Security Planning Guide - Page 0001.html
Cloud Computing Security Planning Guide - Page 0002.html
Cloud Computing Security Planning Guide - Page 0003.html
Cloud Computing Security Planning Guide - Page 0004.html
Cloud Computing Security Planning Guide - Page 0005.html
Cloud Computing Security Planning Guide - Page 0006.html
Cloud Computing Security Planning Guide - Page 0007.html
Cloud Computing Security Planning Guide - Page 0008.html
Cloud Computing Security Planning Guide - Page 0009.html
Cloud Computing Security Planning Guide - Page 0010.html
Cloud Computing Security Planning Guide - Page 0011.html
Cloud Computing Security Planning Guide - Page 0012.html
Cloud Computing Security Planning Guide - Page 0013.html
Cloud Computing Security Planning Guide - Page 0014.html
Cloud Computing Security Planning Guide - Page 0015.html
Cloud Computing Security Planning Guide - Page 0016.html
Cloud Computing Security Planning Guide - Page 0017.html
Cloud Computing Security Planning Guide - Page 0018.html
Cloud Computing Security Planning Guide - Page 0019.html
Cloud Computing Security Planning Guide - Page 0020.html
Cloud Computing Security Planning Guide - Page 0021.html

A javascript error just appeared or you do not have installed a Flash Player plugin in your browser.

Prestimedia, your interactive publications solution provider, invites you to download the latest Adobe Flash plugin by clicking here

This e.print interactive catalogue is made by Prestimedia