9 Cloud Security Questions you need to ask Service Providers

Companies in Ireland and the UK who are considering cloud adoption might already have a general idea of the security risks inherent in cloud computing. However, since different providers may not offer the same levels of risk mitigation, it is important to know which providers can give sufficient assurance on cloud security.

Here are 10 cloud security questions to ask service providers vying for your attention.

1. Where will my data be located?

There are a variety of reasons why you will want to ask this question. One big reason is that there are certain countries that don’t have strict legislation (or any legislation at all) pertaining to cloud computing. In that case, the provider won’t be as motivated to apply high levels of risk mitigation.

So if your data is hosted off shore, then you might want to reconsider or at least conduct a deeper study regarding the security conditions there.

2. Do you have provisions for regulatory compliance?

Certain standards and regulations (e.g. PCI DSS and possibly the EU Data Protection Directive) have specific guidelines pertaining to data stored in the cloud. If your organisation is covered by any of these legislation, then you need to know whether your provider can help you meet requirements for compliance.

3. Who will have access to my data?

In a cloud environment, where your data is going to be managed by people who aren’t under your direct supervision, you’ll have to worry as much about internal threats as you would with external threats.

Therefore, you need to know how many individuals will have access to your data. You also need to know relevant information such as how admins and technicians with data access rights are screened prior to getting hired. You also need to determine what access controls are being implemented.

4. How is data segregated?

Since there will be other clients, you will want to know how your data is going to be segregated from theirs. Is there any possibility of an accidental or intentional data breach due to poor data segregation? Find out if your data is going to be encrypted and how strong the encryption algorithm is.

5. How will you support investigative activities?

Sometimes, even if strong cloud security measures are in place, a data breach can still happen. If it does happen, the provider should have ways to track each user/administrator’s activity that can sufficiently support a detailed data forensics investigation.

Find out whether logs are being kept and how detailed they are.

6. Are we protected by a Disaster Recovery/Business Continuity plan? How?

Don’t be fooled by sales talk of 100% up-time. Even the most robust cloud infrastructures can suffer outages too. But the important thing is that, when they do fail, they should be able to get up and running in the soonest time possible.

Don’t just ask about their guaranteed RPOs and RTOs. Find out whether your data and applications will be replicated across multiple sites. Unless the provider says they will be, you need to find a provider with a better infrastructure.

7. Can I get copies of my VMs?

In a cloud infrastructure, your servers are actually in the form of files known as virtual machines (VMs). Because VMs are just files, they should be easily copied. There may be issues though, like the VMs might be stored in a not-so-popular proprietary format. Another possible issue is that the provider may simply not allow copying.

Having copies of your VMs can be useful should you later on decide to transfer to another provider or even duplicate your cloud infrastructure on your own.

8. What will happen to my data when I scale down?

One outstanding benefit of cloud computing is that when your business demands drop, you can easily scale down computing resources and reduce your cloud spending. ?But what will happen to your data when you decommission virtual servers? Will they be discarded?

You might want your data to be retained up to a certain period. On the other hand, you might also want them to be deleted immediately. Ask about the provider’s data deletion/data retention policies and see if they are in line with yours.

9. What will happen to my data if I decide to close my account?

There might come a time when you’ll want to terminate your contract with your cloud provider. Just like in issue #8, you’ll want to find out more about data deletion/data retention policies.

Although some providers can give you detailed answers, many of these answers can include a lot of technical jargon that can leave you totally confused. If you want someone you can trust to:

  • simplify those answers;
  • help you pick the right cloud service provider, and
  • even make sure cloud security is really upheld once your cloud engagement is ?under way

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Check our similar posts

Green Business!

Carbon emissions reduction has evolved beyond simply good citizenship to being a business tool. Implementing ?green? initiatives is now a competitive weapon which defines real business opportunities and bottom line savings that can contribute significant financial value to the organisation while meeting demanding customer requirements for sustainable and low-carbon products.

Energy efficiency is a low cost resource for achieving carbon emissions reduction. Better energy efficiency simply translates to lesser carbon emissions and less energy usage which translates into saved costs.

Reduction of an organisations carbon footprint is each and everyone?s responsibility. Human activities are the key responsibility for the release of greenhouse gas emissions into the atmosphere. These include usage of electricity generated from fossil fuel, heating or driving.

At the corporate level, various measures can be instigated to increase energy efficiency. Some of these can be, having zone lighting with sensors to minimise unnecessary office lighting, timers on large IT equipment, promoting energy efficient behaviour in the office, asking staff to switch off and unplug appliances when not in use and minimising staff travel.
At the individual level; it is the small habits that count; cultivating the habit of switching off unnecessary lights, plugging out appliances that are not in use, using video conferencing or online chatting instead of having to travel to meetings, using public transport instead of taking a taxi/ personal car and using energy efficient cars.

All these initiatives assist organisations in their corporate social responsibility reports and play a role in sustainability rankings which is instrumental to customers who are increasingly considering sustainability rankings in investment decisions, while achieving the goal of cost reduction internally.

Recognizing Your Carbon Footprint

Countless times we have heard of the term ?carbon footprint?. Perhaps we have seen and heard it on TV or read it in newspapers, magazines and published articles. Indeed, it has been an expression familiar to everyone as it is always associated with climate change, carbon emissions, global warming, pollution and other environmental issues. Carbon footprint is real. It exists and, in fact, continues to affect the world we live in.

Defining Carbon Footprint

Two essential words comprise the term carbon footprint. Fundamentally, ?carbon? means the carbon dioxide circulating in the atmosphere. It is also the general word used for other greenhouse gasses emitted into the air. On the other note, ?footprint? refers to impact or effect.

Think about the footprints people leave on the beach sand upon walking on the shore. That is exactly what carbon footprint is like. It’s about the impact humans leave on the earth in the form of carbon dioxide and other greenhouse gases.

Calculating Your Personal Carbon Footprint

The food we eat, products we use, vehicles we ride on and electricity we consume emit carbon dioxide. In fact, our activities, lifestyle, homes, and countries contribute to climate change. And carbon footprint is the best estimate we can get of the full impact our doings affect the earth. It quantifies the amount of our carbon emission. With this, knowing how to calculate your personal carbon footprint is important.

There are various standards in calculating one?s carbon footprint. There is the so-called ?lifestyle assessment? and the input-output analysis. Lifestyle assessment works by adding up all the feasible emission pathways while the input-output analysis involves determining the total emissions of a particular country, dividing it by the carbon-emitting sectors and estimating the overall emissions of each sector. The input-output analysis makes sure that no emission pathway is missed out.

Calculating your carbon footprint manually is an effective way for you to understand your emissions better. You just need a lot of patience to learn how each footprint is generated. Moreover, there are also several resources online that can help you calculate your carbon footprint. Online carbon calculators are abundant across the web. To make your life simpler, you can opt to try those online calculators and easily determine your carbon emissions. However, such calculators vary in scope. So make sure that the online carbon calculator, you choose, is one that?includes emissions both direct and indirect.

Avoiding Toe Prints

A toe print is a portion of a footprint. Sometimes, people are misled in their calculations because they only get a carbon toe print instead of a footprint. The idea is that, you should cover a smart scope of your carbon emissions. Not only measuring a portion, but the whole.

Say for example, running a conventional car. The carbon emitted from the car is not only the fuel combustion from the diesel or petrol.? Likewise, the carbon released as the gas was processed and transported to your nearby gasoline station is also an addition to your carbon footprint. If you do not understand this, you will end up calculating your direct emissions while neglecting the indirect ones.

Be wise in calculating your carbon footprint. And when in doubt, whether you are an individual or a business entity, you should seek help from experts who can do it right.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
How Sustainable is Suez Environment

French-based Suez Environment works in the water and waste-management environment, with specific reference to water production, treatment, & pollution disposal, and waste treatment, recycling, incineration and site desensitisation. Its more than 65,000 employees distributed worldwide have participated in flagship projects like Renault’s goal of 95% reclamation of vehicle parts, and Lyonnaise des Eaux?s saving of 12 million cubic meters of water in a single year.

Suez Environment claims to have consistently increased the recovery rate of treated waste, decreased direct and indirect greenhouse gas emissions, and made significant inroads into the production of sustainable energy on behalf of its clients. But then surely that’s Suez Environment’s business, and with over 65,000 employees we are entitled to expect this. Given that there have been persistent allegations of privatised water distribution bumping prices up to the detriment of the poor, how effective is Suez Environment at practising what it preaches back home?

GDF Suez is its largest shareholder and includes it under its environmental and societal responsibility umbrella. This makes environmental performance an overarching goal alongside management systems, health and safety, risk and procurement, and ethics. Its environmental ambitions spin out into the following strategies:

  • Understand the interactions between our activities and the environment
  • Open dialogue with stakeholders and foster partnerships with them
  • Set quantitative and qualitative targets at all levels of the organisation
  • Achieve optimum balance between financial and environmental challenges
  • Be proactive; anticipate impacts on the environment and plan for them
  • Increase employee awareness through interactive training and education
  • Be constantly innovative; share successes within the organisation
  • Monitor progress continuously and publish measured results achieved.

These goals direct the Suez Environment management team?s attention towards optimising performance in key areas like greenhouse gases, energy management, renewable energy, biodiversity, responsible water management, pollution prevention and health and safety considerations.

Among numerous other examples, its waste incineration programs convert hazardous and conventional waste into heat used to generate electricity without requiring virgin carbon products. Elsewhere, the same energy warms market-gardening tunnels and work places on winter days.

Suez Environment uses sophisticated energy management software to analyse information that’s transmitted by data logging devices online. ecoVaro provides a similar service in the cloud. ecoVaro adapts to your requirements providing fresh insights to your business.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Ready to work with Denizon?

Contact Us Today