9 Cloud Security Questions you need to ask Service Providers

Companies in Ireland and the UK who are considering cloud adoption might already have a general idea of the security risks inherent in cloud computing. However, since different providers may not offer the same levels of risk mitigation, it is important to know which providers can give sufficient assurance on cloud security.

Here are 10 cloud security questions to ask service providers vying for your attention.

1. Where will my data be located?

There are a variety of reasons why you will want to ask this question. One big reason is that there are certain countries that don’t have strict legislation (or any legislation at all) pertaining to cloud computing. In that case, the provider won’t be as motivated to apply high levels of risk mitigation.

So if your data is hosted off shore, then you might want to reconsider or at least conduct a deeper study regarding the security conditions there.

2. Do you have provisions for regulatory compliance?

Certain standards and regulations (e.g. PCI DSS and possibly the EU Data Protection Directive) have specific guidelines pertaining to data stored in the cloud. If your organisation is covered by any of these legislation, then you need to know whether your provider can help you meet requirements for compliance.

3. Who will have access to my data?

In a cloud environment, where your data is going to be managed by people who aren’t under your direct supervision, you’ll have to worry as much about internal threats as you would with external threats.

Therefore, you need to know how many individuals will have access to your data. You also need to know relevant information such as how admins and technicians with data access rights are screened prior to getting hired. You also need to determine what access controls are being implemented.

4. How is data segregated?

Since there will be other clients, you will want to know how your data is going to be segregated from theirs. Is there any possibility of an accidental or intentional data breach due to poor data segregation? Find out if your data is going to be encrypted and how strong the encryption algorithm is.

5. How will you support investigative activities?

Sometimes, even if strong cloud security measures are in place, a data breach can still happen. If it does happen, the provider should have ways to track each user/administrator’s activity that can sufficiently support a detailed data forensics investigation.

Find out whether logs are being kept and how detailed they are.

6. Are we protected by a Disaster Recovery/Business Continuity plan? How?

Don’t be fooled by sales talk of 100% up-time. Even the most robust cloud infrastructures can suffer outages too. But the important thing is that, when they do fail, they should be able to get up and running in the soonest time possible.

Don’t just ask about their guaranteed RPOs and RTOs. Find out whether your data and applications will be replicated across multiple sites. Unless the provider says they will be, you need to find a provider with a better infrastructure.

7. Can I get copies of my VMs?

In a cloud infrastructure, your servers are actually in the form of files known as virtual machines (VMs). Because VMs are just files, they should be easily copied. There may be issues though, like the VMs might be stored in a not-so-popular proprietary format. Another possible issue is that the provider may simply not allow copying.

Having copies of your VMs can be useful should you later on decide to transfer to another provider or even duplicate your cloud infrastructure on your own.

8. What will happen to my data when I scale down?

One outstanding benefit of cloud computing is that when your business demands drop, you can easily scale down computing resources and reduce your cloud spending. ?But what will happen to your data when you decommission virtual servers? Will they be discarded?

You might want your data to be retained up to a certain period. On the other hand, you might also want them to be deleted immediately. Ask about the provider’s data deletion/data retention policies and see if they are in line with yours.

9. What will happen to my data if I decide to close my account?

There might come a time when you’ll want to terminate your contract with your cloud provider. Just like in issue #8, you’ll want to find out more about data deletion/data retention policies.

Although some providers can give you detailed answers, many of these answers can include a lot of technical jargon that can leave you totally confused. If you want someone you can trust to:

  • simplify those answers;
  • help you pick the right cloud service provider, and
  • even make sure cloud security is really upheld once your cloud engagement is ?under way

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Check our similar posts

Increase Customer Loyalty with Field Service Management Software

One sure way to turn off customers is to give them a disappointing experience. It cuts across the board- from plumbing jobs, electrical installation and maintenance projects, window cleaning or repair, tenants in the property you’re managing, to package delivery firms. If your customers keep witnessing delays, cancelled appointments, to oversights like double booking which end up messing their individual schedules, they are likely to stop hiring your services and seek out a competitor.?

Field service jobs are particularly prone to such blunders, especially with the traditional manual way of doing things. While smartphones and computers have been infused into the day-to-day running of businesses, it is still common to find companies relying on manual processes to schedule their appointments, track the employees providing the services, monitor the progress of the jobs and ask for status updates, to managing inventory and invoices for completed tasks. This creates a major bottleneck in operations. The Small & Medium Business Trends Report, that took responses from nearly 500 SMB owners and leaders, showed that they spend an average of 23% of each workday manually inputting data. This is time that would have otherwise been spent tending to the customers? needs. It creates a backlog of tasks, forcing the customers to wait for longer to get their issues handled.?

The inefficiencies witnessed in these traditional methods led to the advent of field service business management software. These systems come in to optimise operations and enhance your service delivery. As a business, automating your scheduling, job tracking, routing procedures and handling the invoicing, all through a single platform, greatly reduces your workload. Managing inventory, communicating with your employees out in the field through handy apps on their phone, giving them access to a database of reports and notes on the various jobs they have been tasked with – these all aid in smoothing out the sorting of tasks, and gets rid of the mounds of paperwork that would have been required.?

From Your Customer’s Perspective

When you’re facing a plumbing leak at home, electrical faults that result in power outages in the office building, damaged gas boilers that are hampering operations in the industrial plants- you want them to be addressed. Homeowners, business owners and facility managers in these situations are anxious about getting the issue resolved- yet the firm they are relying on to handle it is caught up in a logistical nightmare, boggled down by paperwork that prevents them from sending their technicians to the location. You really don’t want to hear a series of excuses about why your problem could not be addressed in time. While delays can be a nuisance, cancelled appointments are altogether exasperating. See, the customer is left in a difficult position, since the problem is not resolved, and they have to contend with having to make a subsequent appointment- of which they will not be sure if they can bank on the hired firm to deliver on its mandate. With an FSM, you get to prevent such incidents from occurring.

How Your Customers Benefit From Field Service Job Management Software

Reliable services

Firstly, the customer wants services that they can count on. When an issue arises and an appointment scheduled, they want it to be honoured. With the FSM, you get to accurately schedule the tasks, from the timing involved to assigning it to the appropriate technician, who is skilled in the task. With the automated scheduling and dispatching, the technician downtime that was previously witnessed is reduced- which has the welcome benefit of cutting down your operational costs.?

Speaking of which, the confusion that was previously seen when perusing through documents and simply calling up the first employee whose skill is similar to the job description, is avoided. Here, the field service management platform enables you to determine the most appropriate member of your workforce to handle the task. This makes them more motivated at their job, resulting in higher quality results- whether it’s an installation task, repair and maintenance project, or cleaning service for companies providing them in residential and commercial buildings.?

Get it done right the first time around

The field service scheduling software enables the technician to have all the information pertaining to the job accessible in real-time. This is availed via app– that the technicians will have on their phones. It is through this very app that they will make updates of the tasks being handled, sending in notes, photos and reports to the system. These will, in turn, be monitored at the head office all through the progress of the job, being managed through the interactive FSM dashboard.?

With the customer’s history being accessed by the technician, information that includes the specs and hazards about the particular job being handled, notes from the previous technicians who had been tasked to the building- such as the installation crew and previous repairs that had been done, will enable the personnel on the ground make well-informed decisions throughout the course of the task. Any issues that arise will also be taken note of, equipment and parts ordered through the app as well, ensuring that things proceed seamlessly. That way, the percentage of situations getting fully resolved during the first appointment increases- which translates to fewer cases of complaints being made.?

Instant invoicing

Immediately the job is done, the customer inputs their e-signature through the app, and the technician marks the task as completed, the very same FSM is used to process the invoice and send out an emailed copy to the customer. This will be an accurate invoice, without any data loss, and the customer can then proceed to make the payment through their preferred mode- from credit card payments to cash, without having to wait for hours for paperwork to be processed. All this information is securely stored on the cloud-based platform.

Creating a great first impression

Your image is a core part of your operations. Certainly, you don’t want to come off as disorganised- and your customers will be quick to note this with issues like missing records, outdated reports, lateness, and improper assigning of tasks. On the other hand, having a modern digital solution integrated into your field service operations will enable you to make a great first impression, showing the level of professionalism with which you offer your services.

Customer access

FSM platforms like FieldElite also give the customers themselves access to the system, through their own dashboard. This is particularly handy given that there are cases where the customer will have multiple jobs to be carried out- like property managers who keep on having cases of plumbing accidents, electrical faults, and cleaning service needs in the different buildings that they are in charge of.?

Through the customer portal, they will be able to make appointments, track the history of repair and maintenance jobs carried out on the property, and follow up on queries. What’s more, together with the IoT where FieldElite links to ecoVaro, one can have an interactive energy management system in place to keep accurate tabs on the energy consumption, efficiency, point out areas where repairs are needed, and have technicians come over- with the bookings being made through the FSM.

Enhance Customer Experience And Score New Business Opportunities

Customer service is a key aspect of your operations. When your customers are well tended to, with their needs being met in a timely and proficient manner, it wins you their loyalty, and they’ll be more open to sending referrals your way- growing your market share. Feedback- from testimonials on your site to the reviews on your social media handles, also aids in this- and you want to have satisfied clients who will put out a good word about your brand. By investing in field software for service businesses, you will increase your employees? productivity, monitor trends, improve communication between your head office and the technicians on the ground, all of which come together to increase customer satisfaction.

A Definitive List of the Business Benefits of Cloud Computing

When you run a Google search for the “benefits of cloud computing”, you’ll come across a number of articles with a good list of those. However, most of them don’t go into the details, which nevertheless might still suit some readers. But if you’re looking for compelling business reasons to move your company’s IT to the cloud, a peripheral understanding of what this technology can do for you certainly won’t cut it.

Now, cloud computing is not just one of those “cool” technologies that come along every couple of years and which can only benefit a particular department.?What we’re talking about here really is a paradigm shift in computing that can transform not only entire IT infrastructures but also how we run our respective organisations.

I hate to think that some people are holding back on cloud adoption just because they haven’t fully grasped what they’re missing. That is why I decided to put together this list. I wanted to produce a list that would help top management gain a deeper understanding of the benefits of the cloud.

Cloud computing is one bandwagon you really can’t afford not to jump into. Here are ten good reasons why:

1.?Zero?CAPEX and low TCO for an enterprise-class IT infrastructure

2. Improves cash flow

3. Strengthens business continuity/disaster recovery capabilities

4. Lowers the cost of analytics

5. Drives business agility

6. Ushers in anytime, anywhere collaboration

7. Enhances information, product, and service delivery

8. Keeps entire organisation in-sync

9. ?Breathes life into innovation in IT

10. Cultivates optimal environments for development and testing

Zero CAPEX and low TCO for an enterprise-class IT infrastructure

Most cloud adopters with whom I’ve talked to cite this particular reason for gaining interest in the cloud.

Of course they had to dig deeper and consider all other factors before ultimately deciding to migrate. But the first time they heard cloud services could give them access to enterprise class IT infrastructures without requiring any upfront capital investment, they realised this was something worth exploring.

A good IT infrastructure can greatly improve both your cost-effectiveness and your capability to compete with larger companies. The more reliable, fast, highly-available, and powerful it is, the better.

But then building such an infrastructure would normally require a huge capital investment for networking equipment, servers, data storage, power supply, cooling, physical space, and others, which could run up to tens or even hundreds of thousands of euros. To acquire an asset this costly, you’d have to take in debt and be burdened by the ensuing amortisation.

If you’ve got volumes of cash stashed in your vault, cost might not be a problem. But then if you really have so much savings, wouldn’t it be more prudent to use it for other sales-generating projects? An extensive marketing endeavour perhaps?

A capital expenditure of this magnitude and nature, which normally has to be approved by shareholders, can be regarded as a high financial risk. What if business doesn’t do well and you wouldn’t need all that computing power? What if the benefits expected from the IT investment are not realised??You cannot easily convert your IT infrastructure into cash.

Remember we’re talking about a depreciating asset. So even assuming you can liquidate it, you still can’t hope to sell it at its buying price. These factors are going to play in the minds of your Board of Directors when they’re asked to decide on this CAPEX.

Incidentally, these issues don’t exist in a cloud-based solution.

A cloud solution typically follows a pay-as-you-go utility pricing model where you get billed monthly (sometimes quarterly) just like your electricity. ?In other words, it’s an expense you’ll need to pay for?at the end of a period over which the service’s value would have already been realised. Compare that with a traditional infrastructure wherein you’ll have to spend upfront but the corresponding value will still have to be delivered gradually in the succeeding months or years.

demand expense traditional infrastructure

From the point of view of your CFO, what could have been a CAPEX to acquire an asset that depreciates with time (and consequently reduces your company’s net worth), becomes a flexible operating expense (OPEX).?Truly, it is an operating expense that you can increase, decrease, or even totally discontinue, depending on what the prevailing business conditions demand.

demand expense cloud infrastructure

People who think they have done the math in comparing cloud-based and traditional IT infrastructures claim that, although they see how cloud solutions transform CAPEX into OPEX, they really don’t see any significant difference in overall costs.

However, these people have only gone as far as adding up the expected monthly expenses of a cloud solution over the estimated duration of an equivalent IT infrastructure’s effective lifespan and comparing the sum with that IT infrastructure’s price tag. You won’t get a clear comparison that way.

You need to consider all factors that contribute to the infrastructure’s Total Cost of Ownership (TCO). Once you factor in the costs of electricity, floor space, storage, and IT administrators, the economical advantages of choosing a cloud solution will be more evident. Add to that the costs of downtime such as: interruptions to business operations, technical support fees, and the need to maintain expensive IT staff who spend most of their time “firefighting”, and you’ll realise just how big the savings of cloud adopters can be.

Still not convinced? Well, we’re still getting started.?On our next post, we’ll take a closer look at the additional benefits of paying under an OPEX model instead of a CAPEX model.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
A Business Case for Sharing

We blogged about sharing services in a decentralised business context recently, and explained why we think why these should be IT-Based for speedy delivery. This is not to say that all shared services projects worldwide have been resounding successes. This is often down to the lack of a solid business case up front. We decided to lay out the logic behind this process.

Management Overview ? The overview includes a clear definition of why the current situation is unacceptable, the anticipated benefits of sharing, and an implementation plan were it to go ahead. The project should not proceed until the stakeholders have considered and agreed on this.

Alternatives Considered ? The next stage is to get closer to the other options in order to determine whether an alternative might perhaps be preferable. Substitutes for shared services are often doing nothing, improving the current method, and outsourcing the service to a third party.

The Bottom Line in Business ? Sharing services comes at an initial cost of infrastructure changes, and the impact on human capital (the latter deserves its own blog). The following need careful consideration from the financial angle:

Numbers to Work Through

  • Manpower to design and roll the project out in parallel with the existing organisation.
  • Capital for creating facilities at the central point including civil works, furniture and equipment and IT infrastructure.
  • The costs of travel, feeding and accommodation. These can be significant depending on the time that implementation takes.
  • The opportunity loss of diverting key staff – and the cost of temporary replacements – if appointing line staff to the project team.
  • Crystal-clear project metrics including (a) the direct, realisable savings (b) the medium and long-term effects on profit and (c) where to deploy the savings

Risk Management

Shared services projects don’t go equally smoothly, although planning should reduce the risk to manageable levels. Nonetheless it is important to imagine potential snags, decide how to mitigate them and what the cost might be.

We believe in implementing shared services on a pilot basis in the business unit that eventually provides them. We recommend building these out to other branches only when new processes are working smoothly.

Moving On From a Decision

We recommend you revisit your management overview, the logic behind it, the assumptions you made, and the costs and benefits you envisage before deciding to go ahead

The final step in proving a business case is doable should be fleshing out your roadmap into a detailed operations plan with dependencies on a spreadsheet.

Ready to work with Denizon?

Contact Us Today