9 Cloud Security Questions you need to ask Service Providers
Companies in Ireland and the UK who are considering cloud adoption might already have a general idea of the security risks inherent in cloud computing. However, since different providers may not offer the same levels of risk mitigation, it is important to know which providers can give sufficient assurance on cloud security.
Here are 10 cloud security questions to ask service providers vying for your attention.
1. Where will my data be located?
There are a variety of reasons why you will want to ask this question. One big reason is that there are certain countries that don’t have strict legislation (or any legislation at all) pertaining to cloud computing. In that case, the provider won’t be as motivated to apply high levels of risk mitigation.
So if your data is hosted off shore, then you might want to reconsider or at least conduct a deeper study regarding the security conditions there.
2. Do you have provisions for regulatory compliance?
Certain standards and regulations (e.g. PCI DSS and possibly the EU Data Protection Directive) have specific guidelines pertaining to data stored in the cloud. If your organisation is covered by any of these legislation, then you need to know whether your provider can help you meet requirements for compliance.
3. Who will have access to my data?
In a cloud environment, where your data is going to be managed by people who aren’t under your direct supervision, you’ll have to worry as much about internal threats as you would with external threats.
Therefore, you need to know how many individuals will have access to your data. You also need to know relevant information such as how admins and technicians with data access rights are screened prior to getting hired. You also need to determine what access controls are being implemented.
4. How is data segregated?
Since there will be other clients, you will want to know how your data is going to be segregated from theirs. Is there any possibility of an accidental or intentional data breach due to poor data segregation? Find out if your data is going to be encrypted and how strong the encryption algorithm is.
5. How will you support investigative activities?
Sometimes, even if strong cloud security measures are in place, a data breach can still happen. If it does happen, the provider should have ways to track each user/administrator’s activity that can sufficiently support a detailed data forensics investigation.
Find out whether logs are being kept and how detailed they are.
6. Are we protected by a Disaster Recovery/Business Continuity plan? How?
Don’t be fooled by sales talk of 100% up-time. Even the most robust cloud infrastructures can suffer outages too. But the important thing is that, when they do fail, they should be able to get up and running in the soonest time possible.
Don’t just ask about their guaranteed RPOs and RTOs. Find out whether your data and applications will be replicated across multiple sites. Unless the provider says they will be, you need to find a provider with a better infrastructure.
7. Can I get copies of my VMs?
In a cloud infrastructure, your servers are actually in the form of files known as virtual machines (VMs). Because VMs are just files, they should be easily copied. There may be issues though, like the VMs might be stored in a not-so-popular proprietary format. Another possible issue is that the provider may simply not allow copying.
Having copies of your VMs can be useful should you later on decide to transfer to another provider or even duplicate your cloud infrastructure on your own.
8. What will happen to my data when I scale down?
One outstanding benefit of cloud computing is that when your business demands drop, you can easily scale down computing resources and reduce your cloud spending. ?But what will happen to your data when you decommission virtual servers? Will they be discarded?
You might want your data to be retained up to a certain period. On the other hand, you might also want them to be deleted immediately. Ask about the provider’s data deletion/data retention policies and see if they are in line with yours.
9. What will happen to my data if I decide to close my account?
There might come a time when you’ll want to terminate your contract with your cloud provider. Just like in issue #8, you’ll want to find out more about data deletion/data retention policies.
Although some providers can give you detailed answers, many of these answers can include a lot of technical jargon that can leave you totally confused. If you want someone you can trust to:
simplify those answers;
help you pick the right cloud service provider, and
even make sure cloud security is really upheld once your cloud engagement is ?under way
The theory that it is possible to manage organisational change (Change Management) in a particular direction has done the rounds for quite some time, but is it true about Change Management. Was Barrack Obama correct when he said, ?Change will not come if we wait for some other person or some other time. We are the ones we have been waiting for. We are the change that we seek.?
Or, was business coach Kelly A Morgan more on the button when she commented, ?Changes are inevitable and not always controllable. What can be controlled is how you manage, react to, and work through the change process.? Let us consult the evidence and see what statisticians say.
What the Melcrum Report Tells Us
Melcrum are ?internal communication specialists who work alongside leaders and teams around the globe to build skills and best practice in internal communication.? They published a report after researching over 1,000 companies that attempted change management and advised:
? More than 50% report improved customer satisfaction
? 33% report higher productivity
? 28% report improvements in employee advocacy
? 27% improved status as a great place to work
? 27% report increased profitability
? 25% report improved absenteeism
Sounds great until we flip the mirror around and consider what the majority apparently said:
? 50% had no improvement in customer service
? 67% did not report increased productivity
? 72% did not note improvements in employee advocacy
? 73% had no improved status among job seekers
? 73% did not report increased profitability
? 75% did not report any reduction of employee absenteeism
This shows it is still a great idea to hear what all parties have to say before reaching a conclusion. You may be interested to know the Melcrum report gave rise to the legend that 70% of organisation change initiatives fail. This finding has repeated numerous times. Let’s hear what the psychologists have to say next.
There is a certain amount of truth in the old adage that says, ?You can lead a horse to water but you cannot make him drink.? Which of us has not said, ?Another flavour of the week ? better keep heads down until it passes? during a spell in the corporate world. You cannot change an organisation, but you can change an individual.
At the height of the Nazi occupation of 1942, French philosopher-writer Antoine de Saint-Exup?ry said, ?A rock pile ceases to be a rock pile the moment a single man contemplates it, bearing within him the image of a cathedral?. Psychology Today suggests five false assumptions change management rests upon, THAT ARE SIMPLY NOT TRUE.
1. The external world is orderly, stable, predictable and can be managed
2. Change managers are objective, and do not import their personal bias
3. The world is static and orderly and can be changed in linear steps
4. There is a neutral starting point where we can gather all participants
5. Change is worthy in itself, because all change is an improvement
Leo Tolstoy wrote, ?Everyone thinks of changing the world, but no one thinks of changing himself.? A prophet can work no miracles unless the people believe. From the foregoing, it is evident that change management of an organisation is a 70% impossibility, but encouraging an individual to grow is another matter.
A McKinsey Report titled Change Leader, Change Thyself fingers unbelieving managers as the most effective stumbling stones to change management. To change as individuals ? and perhaps collectively change as organisations ? we need to ?come to our own full richness?, and as shepherds lead our flock to their ?promised land?, whatever that may be. Conversely, herding our flock with a pack of sheepdogs extinguishes that most precious thing of all, human inspiration.
For many people within the UK, water is not really something to worry about. Surely enough of it falls out the sky throughout the year that it does feel highly unlikely that we?ll ever run out of it. There certainly does seem to be an abundance of Branded Water available in plastic bottles on our supermarket shelves.
Water, water, every where, And all the boards did shrink; Water, water, every where, Nor any drop to drink.
Despite this, Once-unthinkable water crises are becoming commonplace. If you consider that In England and Wales, we use 16 billion litres of clean drinking water every day ? that’s equivalent to 6,400 Olympic sized swimming pools.
Currently, water companies can provide slightly more than we need ? 2 billion litres are available above and beyond what we’re using. In some areas, though, such as south east England, there is no surplus and, as such, these regions are more likely to face supply restrictions in a dry year.
If we take little moment to reflect on some of the most notable water related stories over the past few years, we’ll start to get a picture of just how real the potential and the threat of water shortages can be.
Reservoirs in Chennai, India?s sixth-largest city, are nearly dry right now. Last year, residents of Cape Town, South Africa narrowly avoided their own Day Zero water shut-off.
It was only year before that, Rome rationed water to conserve scarce resources.
Climate change is likely to mean higher temperatures which may drive up the demand for water (alongside population growth) and increase evaporation from reservoirs and water courses during spring and summer.
The impact of climate change on total rainfall is uncertain, but the rain that does fall is likely to arrive in heavier bursts in winter and summer. Heavier rain tends to flow off land more quickly into rivers and out to sea, rather than recharging groundwater aquifers.
A greater chance of prolonged dry periods is also conceivable. This combined with the harsh reality that no human population can sustain itself without sufficient access to fresh water.
If present conditions continue, 2 out of 3 people on Earth will live within a water-stressed zone by 2025
What is water stress?
Water stress is a term used to describe situation when demand for water is greater than the amount of water available at a certain period in time, and also when water is of poor quality and this restricts its usage. Water stress means deterioration in both the quantity of available water and the quality of available water due to factors affecting available water.
Water stress refers to the ability, or lack thereof, to meet human and ecological demand for water. Compared to scarcity, water stress is a more inclusive and broader concept.
Water Stress considers several physical aspects related to water resources, including water scarcity, but also water quality, environmental flows, and the accessibility of water.
Supply and Demand
Major factors involved when water scarcity strikes is when a growing populations demand for water exceeds the areas ability to service that need.
Increased food production and development programs also lead to increased demand for water, which ultimately leads to water stress.
Increased need for agricultural irrigation in order to produce more crops or sustain livestock are major contributors to localised water stress.
Overconsumption
The demand for water in a given population is fairly unpredictable. Primarily, based on the fact that you can never accurately predict human behaviour and changes in climate.
If too many people are consuming more water than they need because they mistakenly believe that water is freely available and plentiful, then water stress could eventually occur.
This is also linked to perceived economic prosperity of a give region. Manufacturing demand for water can have huge impact regardless whether water is actively used within the manufacturing process or not.
Water Quality
Water quality in any given area is never static. Water stress could happen as a result of rising pollution levels having a direct impact on water quality.
Water contamination happens when new industries either knowingly or unknowingly contaminate water with their industrial practices.
Largely, this can happen and frequently does so because these industries do not take effective control of monitoring and managing their impact on communal water supplies. Incorrectly assuming this is the responsibility of an additional third party like the regional water company.
The truth is, water quality and careful monitoring of it is all of our responsibility.
Water Scarcity
Simple increases in demand for water can in itself contribute to water scarcity. However, these are often preceded by other factors like poverty or just the natural scarcity of water in the area.
In many instances, the initial locations of towns or cities were not influenced by the close proximity of natural resources like water, but rather in pursuit of the extraction of other resources like Gold, Coal or Diamonds.
For Instance, Johannesburg, South Africa is the largest City in South Africa and is one of the 50 largest urban areas in the world. It is also located in the mineral rich Witwatersrand range of hills and is the centre of large-scale gold and diamond trade.
Johannesburg is also one of the only major cities of the world that was not built on a river or harbour. However, it does have streams that contribute to two of Southern Africas mightiest rivers – Limpopo and the Orange rivers. However, most of the springs from which many of these streams emanate are now covered in concrete!
Water Stress and Agriculture
Peter Buss, co-founder of Sentek Technology calls ground moisture a water bank and manufactures ground sensors to interrogate it. His hometown of Adelaide is in one of the driest states in Australia. This makes monitoring soil water even more critical, if agriculture is to continue. Sentek has been helping farmers deliver optimum amounts of water since 1992.
The analogy of a water bank is interesting. Agriculturists must ?bank? water for less-than-rainy days instead of squeezing the last drop. They need a stream of real-time data and utilize cloud-based storage and processing power to curate it.
Sentek?s technology can be found in remote places like Peru?s Atacamba desert and the mountains of Mongolia, where it supports sustainable floriculture, forestry, horticulture, pastures, row crops and viticulture through precise delivery of scarce water.
This relies on precision measurement using a variety of drill and drop probes with sensors fixed at 4? / 10cm increments along multiples of 12? / 30cm up to 4 times. These probe soil moisture, soil temperature and soil salinity, and are readily repositioned to other locations as crops rotate.
Peter Buss is convinced that measurement is a means to an end and only the beginning. ?Too often, growers start watering when plants don’t really need it, wasting water, energy, and labour. By accurately monitoring water can be saved until when the plant really needs it.
Peter also emphasises that crop is the ultimate sensor, and that ?we should ask the plant what it needs?.
This takes the debate a stage further. Water wise farmers should plant water-wise crops, not try to close the stable door after the horse has bolted and dry years return.
The South Australia government thinks the answer also lies in correct farm dam management. It wants farmers to build ones that allow sufficient water to bypass in order to sustain the natural environment too.
There is more to water management than squeezing the last drop. Soil moisture goes beyond measuring for profit. It is about farming sustainably using data from sensors to guide us.
Ecovaro is ahead of the curve as we explore imaginative ways to exploit the data these provide for the common good of all.
A Quarter of the World?s Population, Face High Water Stress
Data from WRI?s Aqueduct tools reveal that 17 countries? home to one-quarter of the world?s population?face ?extremely high? levels of baseline water stress, where irrigated agriculture, industries and municipalities withdraw more than 80% of their available supply on average every year.
Water stress poses serious threats to human lives, livelihoods and business stability. It’s poised to worsen unless countries act: Population growth, socioeconomic development and urbanization are increasing water demands, while climate change can make precipitation and demand more variable.
How to manage water stress
Water stress is just one dimension of water security. However, like any challenge, its outlook depends on adequate monitoring and management of environmental data.
Even countries with relatively high water stress have effectively secured their water supplies through proper management by leveraging the knowledge they have garnered by learning from the data they gathered.
3 ways to help reduce water stress
In any geography, water stress can be reduced by measures ranging from common sense to innovative technology solutions.
There are countless solutions, but here are three of the most straightforward:
1. Increase agricultural efficiency: The world needs to make every drop of water go further in its food systems. Farmers can use seeds that require less water and improve their irrigation techniques by using precision watering rather than flooding their fields.
Businesses need to increase investments to improve water productivity, while engineers develop technologies that improve efficiency in agriculture.
2. Invest in grey and green infrastructure: D Data produced by Aqueduct Alliance – shows that water stress can vary tremendously over the year. WRI and the World Bank?s researchshows that built infrastructure (like pipes and treatment plants) and green infrastructure (like wetlands and healthy watersheds) can work in tandem to tackle issues of both water supply and water quality.
3. Treat, reuse and recycle: We need to stop thinking of wastewater as waste.
Treating and reusing it creates a ?new? water source.
There are also useful resources in wastewater that can be harvested to help lower water treatment costs. For example, plants in Xiangyang, China and Washington, D.C. reuse or sell the energy- and nutrient-rich byproducts captured during wastewater treatment.
Summary
The data is undeniably clear, there are very worrying trends in water.
Businesses and other other organisations need to start taking action now and investing in better monitoring and management, we can solve water issues for the good of people, economies and the planet. We collectively cannot kick this can down the road any further, or assume that this problem will be solved by others.
It is time, for a collective sense of responsibility and for everyone to invest in future prosperity of our Planet as a collective whole. Ecological preservation should be at the forefront of all business plans because at the end of the day profit is meaningless without an environment to enjoy it in!
Are you ready to outsource? Do you even need to outsource? We’ll help you answer those and other questions regarding outsourcing and your company.
Once we’ve determined that outsourcing will render your organisation more focused on your core competencies, more cost-effective, and more flexible, we’ll offer you the full spectrum of our services. Our specialists can assist you in every stage of the entire outsourcing life-cycle.
Starting from evaluating what can be outsourced, through finding the right outsourcing service provider, building the contract and agreements, getting everything in place, and managing the outsourcing relationship – we’ll be with you every step of the way.
Learn more about some of the outsourcing services we offer:
Outsourcing Contracts and Agreements
When an outsourcing project fails, both customer and service provider are quick to put the blame on the other party. But in most cases, the actual culprit was really just sitting there since day one – a poorly planned and implemented agreement.
We understand how costly and disruptive a failed outsourcing project can be for your business. That is why we put utmost attention to each contract and SLA (Service Level Agreement) that our customers enter into. This always reduces the likelihood of having unmet expectations, one of the major reasons why some outsourcing relationships fail.
We make sure that each agreement is fair, not only for our customers but also for the service providers themselves. Why? Because a disadvantaged provider will most likely end up delivering poor service as an offshoot of efforts to improve its profitability and ROI.
To accomplish this, we’ll thoroughly assess the infrastructure, resources, and expertise of your potential service provider to ensure they have the capability to meet your expectations. We’ll also make sure that their expectations are realistic and clear to you as well.
Here’s what you can expect from us when we start managing your outsourcing contracts and agreements:
A thorough assessment of your specific needs and the service provider’s profile to determine whether you have the right match before proceeding with any agreement.
Professional assistance when the time comes for you to discuss the scope of work, expected service levels, and when negotiating for appropriate pricing. We’ll also help you set up provisions for possible changes in the scope later on.
Expert counsel during drafting and finalisation of the contract and Service Level Agreements. Whenever applicable, we’ll help you propose penalties whenever service levels are not met and rewards when they are exceeded.
Regular reviews to determine whether everything agreed upon in the past, like pricing and service levels, are still realistic or competitive enough in view of current technological advancements and the prevailing social and economic environment.
Mediation expertise whenever the outsourcing project appears to be falling apart. We’ll work with you and the service provider to resolve conflicts and avoid the expensive exercise of having to terminate the contract. But if the best solution is to part ways, we’ll make sure you make an exit with the least disruption, missed opportunities and financial loss.
Application Outsourcing
I’m sure you’ve come to realise that to gain competitive advantage these days, you really need to invest in IT applications.
There are applications for enhancing your customer relationships, speeding up production, streamlining processes, advancing collaboration, protecting your systems from malware and many more. Selecting the right application, testing it, implementing it into your system, and then managing it can deviate resources which would have otherwise been used in other areas to build business value, increase profits, and enhance innovation.
Wouldn’t it be nice to unload yourself of the management processes which usually accompany IT applications? Actually, you can – through application outsourcing. Application outsourcing providers possess the expertise to either partially or fully assume responsibility of your IT applications.
Our job is to see to it that you link up with the provider who can best answer your needs. The overall proficiency of these providers spans both proprietary and opensource solutions, allowing them to cater to a wide range of preferences and budgetary limits. At the very least, they can provide professional support for well established applications.
If needed, they can develop applications for your organisation, taking charge of every step in the system development life-cycle: starting from system initiation, requirements analysis, through design, construction, acceptance and eventually to implementation.
Here are some of the benefits you can enjoy once we start managing your application outsourcing initiatives:
Freedom from time-consuming tasks such as installations, upgrades, configurations and repairs.
Reduced total cost of ownership (TCO).
24/7 support from well-trained personnel. This can substantially cut downtimes caused by inexperienced troubleshooting.
The option to have your applications housed in more secure and reliable environments with much higher availability and much lower planned/unplanned downtimes.
Dedicated specialists who can focus on providing better regulatory compliance and risk mitigation initiatives.
Infrastructure Outsourcing
Keeping up with the competition nowadays usually requires technological advancements as well as the capability to manage and maintain the infrastructure that has to support them. These undertakings can suck your resources dry.
If you’re looking to reduce costs even while improving the performance of your networks, servers, databases, firewalls, desktops and mobile devices, you might want to consider IT infrastructure outsourcing among your top options. Infrastructure outsourcing service providers have the resources dedicated to a stable, secure, scalable and always available IT infrastructure.
Typical service provider facilities include data centrers equipped with high-speed networks, reliable power, dependable security, as well as provisions for upgrades, consolidation, disaster recovery, or even business continuity.
These providers employ specialists and staff who can manage and maintain all of these for you. While your provider juggles your core IT-related tasks, you can keep your eye on the ball and refocus on your company’s business goals.
Here are some of the benefits you can enjoy out of infrastructure outsourcing:
Freedom from time-consuming tasks such as installations, upgrades, configurations and repairs.
Since service providers, who are expected to have better horizontal and vertical scalability, will deal with the technological intricacies, your company’s strategic development initiatives can proceed unhampered.
Greatly reduced electricity expenses as a result of consolidation.
Easier, faster, cheaper, and more reliable disaster-recovery solutions through virtualisation.
Lesser risks of disruptions caused by power outages, cyber attacks, or Internet connection downtimes.
Business Process Outsourcing
With the sheer number of business processes your company has to attend to, it wouldn’t be surprising if you rarely have room to innovate.
Through business process outsourcing, we can free a considerable part of your financial and manpower resources which are currently focused on routine activities. With more resources to drive innovative initiatives, you’ll be able to accelerate production, improve customer service, enhance overall business value, and arrive at a stronger bottom line.
Some of the business processes that may be outsourced include data entry, finance and accounting, form processing, procurement, and HR, among others. If you’re interested in finding answers to the what, how, who, and where of BPO, specific to your organisation, we’ll be happy to enlighten you.
Here are some of the benefits you can enjoy once we start managing your BPO initiatives:
Professional guidance to ensure that your BPO undertakings will really result in substantial savings and significant improvements to your organisation’s business value.
Careful monitoring of service levels to ensure faster turnaround, accurate data, and high quality outputs.
Expert evaluation of information handling processes to guarantee full confidentiality.
Professional and unbiased management dedicated to establishing a strong, reliable, and fruitful relationship between you and your provider.
