5 Security Questions to Ask When Choosing a Cloud Service Provider

1. 5 Security Questions to Ask When Choosing a Cloud Service Provider • Dan Bowman • Canadian Channel Sales Manager • Seagate Technology

2. Cloud Security What’s the Path to Trusted Data Assurance in the Cloud?

3. Cloud Security OUTAGE DISASTER • All Clouds Are Not Created Equal • What are Best Practices? • What does Compliance and Certified mean? • What does Disaster Recovery entail? THEFT/LOSS COMPLIANCE LITIGATION ERROR

4. 1.What are your Encryption procedures? • At the Source • In Transmission • At Rest in the Cloud • AES 128 – AES 256 • Minimum requirement • NIST compliant • Warning! • Don’t allow data de-cryption, in order to Dedupe!

5. 2. How is Communication Access to your Cloud handled? • Don’t give a Cloud provider the keys to your data kingdom • Don’t release credentials • Don’t create security backdoors Your Datacenter

6. 3. How is Physical Access to Cloud Data Centers Handled? • Who Has Access to your Data once it’s in the Cloud? • Physical security • Who manages hardware upgrades? ?

7. 4. Data Privacy – Bill of Rights • Review documented best practices • Notification of Privacy breeches • Audit & Certification standards • SSAE 16* • SAS 70 • ISO 27001 • FIPS, HIPAA, PCI • What if the MIBs come knocking?

8. 5. What will you do to get my business online in a Disaster scenario? • Hurricane Sandy $30B+ Insured Losses • Number and location of Cloud datacenters • What’s is the CSP’s “guaranteed” RTO • 24hrs? • 12hrs? • 4hrs? • Virtual Spin Up?

9. FEMA Disaster Zones Floods Hurricanes Earthquakes Floods Floods Floods Hurricanes

10. Datacenter locations

11. Is your Cloud Provider’s networklocated outside of FEMA zones?

12. Summary • All Clouds Are Not created equal • Iron-clad Cloud technology • Trusted Advisors • Guaranteed SLAs • Audits &Testing

13. Thank You – For More Info • Dan.bowman@evault.com • Watch an EVault Cloud demo: • youtube.com/user/EVaultSeagate

14. Questions?