9 Cloud Security Questions you need to ask Service Providers

Companies in Ireland and the UK who are considering cloud adoption might already have a general idea of the security risks inherent in cloud computing. However, since different providers may not offer the same levels of risk mitigation, it is important to know which providers can give sufficient assurance on cloud security.

Here are 10 cloud security questions to ask service providers vying for your attention.

1. Where will my data be located?

There are a variety of reasons why you will want to ask this question. One big reason is that there are certain countries that don’t have strict legislation (or any legislation at all) pertaining to cloud computing. In that case, the provider won’t be as motivated to apply high levels of risk mitigation.

So if your data is hosted off shore, then you might want to reconsider or at least conduct a deeper study regarding the security conditions there.

2. Do you have provisions for regulatory compliance?

Certain standards and regulations (e.g. PCI DSS and possibly the EU Data Protection Directive) have specific guidelines pertaining to data stored in the cloud. If your organisation is covered by any of these legislation, then you need to know whether your provider can help you meet requirements for compliance.

3. Who will have access to my data?

In a cloud environment, where your data is going to be managed by people who aren’t under your direct supervision, you’ll have to worry as much about internal threats as you would with external threats.

Therefore, you need to know how many individuals will have access to your data. You also need to know relevant information such as how admins and technicians with data access rights are screened prior to getting hired. You also need to determine what access controls are being implemented.

4. How is data segregated?

Since there will be other clients, you will want to know how your data is going to be segregated from theirs. Is there any possibility of an accidental or intentional data breach due to poor data segregation? Find out if your data is going to be encrypted and how strong the encryption algorithm is.

5. How will you support investigative activities?

Sometimes, even if strong cloud security measures are in place, a data breach can still happen. If it does happen, the provider should have ways to track each user/administrator’s activity that can sufficiently support a detailed data forensics investigation.

Find out whether logs are being kept and how detailed they are.

6. Are we protected by a Disaster Recovery/Business Continuity plan? How?

Don’t be fooled by sales talk of 100% up-time. Even the most robust cloud infrastructures can suffer outages too. But the important thing is that, when they do fail, they should be able to get up and running in the soonest time possible.

Don’t just ask about their guaranteed RPOs and RTOs. Find out whether your data and applications will be replicated across multiple sites. Unless the provider says they will be, you need to find a provider with a better infrastructure.

7. Can I get copies of my VMs?

In a cloud infrastructure, your servers are actually in the form of files known as virtual machines (VMs). Because VMs are just files, they should be easily copied. There may be issues though, like the VMs might be stored in a not-so-popular proprietary format. Another possible issue is that the provider may simply not allow copying.

Having copies of your VMs can be useful should you later on decide to transfer to another provider or even duplicate your cloud infrastructure on your own.

8. What will happen to my data when I scale down?

One outstanding benefit of cloud computing is that when your business demands drop, you can easily scale down computing resources and reduce your cloud spending. ?But what will happen to your data when you decommission virtual servers? Will they be discarded?

You might want your data to be retained up to a certain period. On the other hand, you might also want them to be deleted immediately. Ask about the provider’s data deletion/data retention policies and see if they are in line with yours.

9. What will happen to my data if I decide to close my account?

There might come a time when you’ll want to terminate your contract with your cloud provider. Just like in issue #8, you’ll want to find out more about data deletion/data retention policies.

Although some providers can give you detailed answers, many of these answers can include a lot of technical jargon that can leave you totally confused. If you want someone you can trust to:

  • simplify those answers;
  • help you pick the right cloud service provider, and
  • even make sure cloud security is really upheld once your cloud engagement is ?under way

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Check our similar posts

A Definitive List of the Business Benefits of Cloud Computing

When you run a Google search for the “benefits of cloud computing”, you’ll come across a number of articles with a good list of those. However, most of them don’t go into the details, which nevertheless might still suit some readers. But if you’re looking for compelling business reasons to move your company’s IT to the cloud, a peripheral understanding of what this technology can do for you certainly won’t cut it.

Now, cloud computing is not just one of those “cool” technologies that come along every couple of years and which can only benefit a particular department.?What we’re talking about here really is a paradigm shift in computing that can transform not only entire IT infrastructures but also how we run our respective organisations.

I hate to think that some people are holding back on cloud adoption just because they haven’t fully grasped what they’re missing. That is why I decided to put together this list. I wanted to produce a list that would help top management gain a deeper understanding of the benefits of the cloud.

Cloud computing is one bandwagon you really can’t afford not to jump into. Here are ten good reasons why:

1.?Zero?CAPEX and low TCO for an enterprise-class IT infrastructure

2. Improves cash flow

3. Strengthens business continuity/disaster recovery capabilities

4. Lowers the cost of analytics

5. Drives business agility

6. Ushers in anytime, anywhere collaboration

7. Enhances information, product, and service delivery

8. Keeps entire organisation in-sync

9. ?Breathes life into innovation in IT

10. Cultivates optimal environments for development and testing

Zero CAPEX and low TCO for an enterprise-class IT infrastructure

Most cloud adopters with whom I’ve talked to cite this particular reason for gaining interest in the cloud.

Of course they had to dig deeper and consider all other factors before ultimately deciding to migrate. But the first time they heard cloud services could give them access to enterprise class IT infrastructures without requiring any upfront capital investment, they realised this was something worth exploring.

A good IT infrastructure can greatly improve both your cost-effectiveness and your capability to compete with larger companies. The more reliable, fast, highly-available, and powerful it is, the better.

But then building such an infrastructure would normally require a huge capital investment for networking equipment, servers, data storage, power supply, cooling, physical space, and others, which could run up to tens or even hundreds of thousands of euros. To acquire an asset this costly, you’d have to take in debt and be burdened by the ensuing amortisation.

If you’ve got volumes of cash stashed in your vault, cost might not be a problem. But then if you really have so much savings, wouldn’t it be more prudent to use it for other sales-generating projects? An extensive marketing endeavour perhaps?

A capital expenditure of this magnitude and nature, which normally has to be approved by shareholders, can be regarded as a high financial risk. What if business doesn’t do well and you wouldn’t need all that computing power? What if the benefits expected from the IT investment are not realised??You cannot easily convert your IT infrastructure into cash.

Remember we’re talking about a depreciating asset. So even assuming you can liquidate it, you still can’t hope to sell it at its buying price. These factors are going to play in the minds of your Board of Directors when they’re asked to decide on this CAPEX.

Incidentally, these issues don’t exist in a cloud-based solution.

A cloud solution typically follows a pay-as-you-go utility pricing model where you get billed monthly (sometimes quarterly) just like your electricity. ?In other words, it’s an expense you’ll need to pay for?at the end of a period over which the service’s value would have already been realised. Compare that with a traditional infrastructure wherein you’ll have to spend upfront but the corresponding value will still have to be delivered gradually in the succeeding months or years.

demand expense traditional infrastructure

From the point of view of your CFO, what could have been a CAPEX to acquire an asset that depreciates with time (and consequently reduces your company’s net worth), becomes a flexible operating expense (OPEX).?Truly, it is an operating expense that you can increase, decrease, or even totally discontinue, depending on what the prevailing business conditions demand.

demand expense cloud infrastructure

People who think they have done the math in comparing cloud-based and traditional IT infrastructures claim that, although they see how cloud solutions transform CAPEX into OPEX, they really don’t see any significant difference in overall costs.

However, these people have only gone as far as adding up the expected monthly expenses of a cloud solution over the estimated duration of an equivalent IT infrastructure’s effective lifespan and comparing the sum with that IT infrastructure’s price tag. You won’t get a clear comparison that way.

You need to consider all factors that contribute to the infrastructure’s Total Cost of Ownership (TCO). Once you factor in the costs of electricity, floor space, storage, and IT administrators, the economical advantages of choosing a cloud solution will be more evident. Add to that the costs of downtime such as: interruptions to business operations, technical support fees, and the need to maintain expensive IT staff who spend most of their time “firefighting”, and you’ll realise just how big the savings of cloud adopters can be.

Still not convinced? Well, we’re still getting started.?On our next post, we’ll take a closer look at the additional benefits of paying under an OPEX model instead of a CAPEX model.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
What Energy Management Software did for CDC

Chrome Deposit Corporation ? that’s CDC for short ? reconditions giant rollers used to finish steel and aluminium sheets in Portage, Indiana by applying grinding, texturing and plating methods. While management was initially surprised when the University of Delaware singled their plant out for energy assessment, this took them on a journey to bring energy consumption down despite being in an expansion phase.

Metal finishing and refinishing is an energy-intensive business where machines mainly do the work while workforces as small as 50 individuals tend them. Environmental impacts also need countering within a challenging environment of burgeoning natural gas and electricity prices.

The Consultant’s Recommendations

The University of Delaware was fortunate that Chrome Deposit Corporation had consistently measured its energy consumption since inception in 1986. This enabled it to pinpoint six strategies as having potential for technological and process improvements.

  • Insulate condensate tanks and pipes
  • Analyse flue gas air-fuel ratios
  • Lower compressed air pressures
  • Install stack dampers on boilers
  • Replace belts with pulleys and cogs
  • Fit covers on plant exhaust fans

CDC implemented only four of the six recommendations. This was because the boiler manufacturer did not recommend stack dampers, and the company was unable to afford certain process automation and controls.

Natural Gas Savings

The project team began by analysing stack gases from boilers used to heat chrome tanks and evaporate wastewater. They found the boilers were burning rich and that several joints in gas lines were leaking. Correcting these issues achieved an instant gas saving of 12% despite increased production.

Reduced Water Consumption

The team established that city water was used to cool the rectifiers. It reduced this by an astonishing 85% by implementing a closed-loop system and adding two chillers. This also helped the water company spend less on chemicals, and energy to drive pumps, purifiers and fans.

Summary of Benefits

Electricity consumption reduced by 18% in real terms, and natural gas by 35%. When these two savings are merged they represent an overall 25% energy saving. These benefits were implemented across the company?s six other plants, resulting in benefits CDC management never dreamed of when the University of Delaware approached them.

ecoVaro offers a similar data analytics service that is available online worldwide. We have helped other companies slash their energy bills with similarly exciting results. We?ll be delighted to share ideas that only data analytics can reveal.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
Fine-tuning your Operations and keeping our staff Happy with FieldElite

They are the engine that drives your operations, but are you really giving you value for your money? How much time is spent by your personnel on lengthy paperwork and record-keeping, as opposed to actually providing the service to your customers? Manual tasks create bottlenecks and slow your operations, which in turn affects service delivery and customer satisfaction. You want to reach more clients and boost your brand image, growing your market share and generating more revenue. Field Service Management (FSM) software comes in optimise the operations of your mobile workforce, cut down resource wastage, and enhance your productivity as a firm, by actually enabling your field staff to get more done, thus achieving their individual goals. In fact, according to a report published by Fortune Business Insights?, the global FSM market- which stood at $2.29 billion as recently as 2018, will have expanded to $7.27 billion by 2026. What does this mean for your employees, and how do they benefit from FieldElite?

  • Skipping the paperwork with end-to-end automation

Filing reports, keeping track of equipment used, working on the Excel sheets for multiple jobs on a daily basis, all through to the routing and billing- it can be a logistical nightmare. It’s not just about the hours spent poring through documents and typing away at calculators. Manual work exposes you to the risks of human error. Missing records, inaccurate assessments of the situation on the ground due to the overwhelming data streaming in, putting the head office staff under strain- it all hampers the productivity of the company. 

Take scheduling for instance. You have different employees, and various jobs that need their attention, at different locations. It can be a plumbing company whose clients have water filters that need to be repaired, gas boilers inspected, leaking pipes fixed, and others who need new installations to be set up. Assigning your personnel to the different situations will need to take into account the type of job, and the amount of time that it will require, aspects such as the location and the crew that is closest to it. At the head office you will want to keep tabs on the jobs that are in progress, pending, complete, those on hold, and even those that have been cancelled. Running all these through traditional manual processes is enough to drive you to the edge. What’s more, tasks that slip through your fingers amidst the confusion will result in negative feedback from your customers- which you don’t want hitting your brand.

With a field service job management software like FieldELite, you get to handle it all from one dashboard. Optimise your service delivery using the accurate scheduler, that allows you to account for the location of your employees, the status of the job- from the urgent ones like emergency tasks, to the normal duties such as routine maintenance, and low-priority tasks. The field service scheduling software comes with a real-time location feature that allows you to determine the employees closest to the client’s premises who will be appropriate for the job, map out the service areas and give you a birds-eye view of all the operations on the ground, while being updated with the progress of each specific task. Less time is spent travelling to- and from the central office, and more on actually tending to your client’s needs. You can even have situations where you can assign end-of-day tasks to employees who will be passing on that route on their way home.

  • Enhanced resource utilisation that promotes personal and professional development

Skill is key across the industries- from electrical services, solar panel installation, landscaping, home remodelling, pest control, plumbing, HVAC system maintenance, to construction and property management. For the job to be done appropriately and make your clients happy, you want to assign the task to an employee who is particularly proficient at it. This tends to be glimpsed over during manual scheduling since the personnel at the head office will be swamped with so many files, and will pick the first one that comes close to fitting the job description, leading to overlapping of roles. Sure, they may get it done, having seen their colleagues do it and even helping them out when they worked together before on similar projects- but will it be up to the required standard? On the other hand, the FSM allows you to ensure that you get the right technician for the task- who will be more motivated, boosting their performance.

What about accidents? Your employees want to feel safe as they go about their mandate. Many of the field service jobs are hazardous- such as electrical repair jobs, window cleaning tasks at high rise buildings, to elevator repair jobs where a slight glitch can lead to severe ramifications. Field service management software also comes in handy here, where the head office can be notified of any emergency the moment it occurs, and arrange for the necessary action to be taken immediately. That way, your employees will not feel neglected while they are out in the field, showing them that their safety is a priority to your business- which in turn increases their morale. 

  • Readily available knowledgebase and feedback system

When the employees have been assigned a specific job, they will require certain information about it. This includes the scope of the task, history of previous repairs or maintenance that was carried out, accompanying images if needed, risk assessment, any hazards or contaminants that they will need to prepare for, to notes left by technicians who had handled it. Having to keep checking their email, or picking up documents at the office for the day’s job and walking around with them all day as they tend to one customer after another, will slow things down, and not to mention frustrate them. However, the FSM system is directly accessible by the employees via app on their phones. The information needed for each specific task will thus be at their fingertips, speeding up the process and ensuring that they will be ready for each project being handled. 

While carrying out the job itself, the employees will use the very same app to update the system on how it is progressing, chat with the staff at the head office, update the inventory and even place orders for extra parts if necessary. Since mobile service management software apps like FieldElite also work in offline mode, the photos, reports and other entries that are made are collected by the app and saved on the device. Once a network connection is established, they are then updated to the central database- thus ensuring that the job can proceed regardless of the location. 

Once the job is completed, the customer input is also taken, registered in the system through their e-signature. A signoff comment included gives the customer the opportunity to indicate their experience with the job, and the feedback that they would like to provide. In case the job has not been completed, then the scheduling software kicks in, putting it in queue for another appointment to take care of the task, or resolve the issue that had caused it not to be completed the first time. The completed tasks head right to invoicing, which is also handled within the field service management platform, making it a seamless task for the head office staff.

Ready to work with Denizon?

Contact Us Today