1 / 14

5 Security Questions to Ask When Choosing a Cloud Service Provider

5 Security Questions to Ask When Choosing a Cloud Service Provider. Dan Bowman Canadian Channel Sales Manager Seagate Technology. Cloud Security. What’s the Path to Trusted Data Assurance in the Cloud?. Cloud Security. OUTAGE. DISASTER. All Clouds Are Not Created Equal

lora
Télécharger la présentation

5 Security Questions to Ask When Choosing a Cloud Service Provider

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. 5 Security Questions to Ask When Choosing a Cloud Service Provider • Dan Bowman • Canadian Channel Sales Manager • Seagate Technology

  2. Cloud Security What’s the Path to Trusted Data Assurance in the Cloud?

  3. Cloud Security OUTAGE DISASTER • All Clouds Are Not Created Equal • What are Best Practices? • What does Compliance and Certified mean? • What does Disaster Recovery entail? THEFT/LOSS COMPLIANCE LITIGATION ERROR

  4. 1.What are your Encryption procedures? • At the Source • In Transmission • At Rest in the Cloud • AES 128 – AES 256 • Minimum requirement • NIST compliant • Warning! • Don’t allow data de-cryption, in order to Dedupe!

  5. 2. How is Communication Access to your Cloud handled? • Don’t give a Cloud provider the keys to your data kingdom • Don’t release credentials • Don’t create security backdoors Your Datacenter

  6. 3. How is Physical Access to Cloud Data Centers Handled? • Who Has Access to your Data once it’s in the Cloud? • Physical security • Who manages hardware upgrades? ?

  7. 4. Data Privacy – Bill of Rights • Review documented best practices • Notification of Privacy breeches • Audit & Certification standards • SSAE 16* • SAS 70 • ISO 27001 • FIPS, HIPAA, PCI • What if the MIBs come knocking?

  8. 5. What will you do to get my business online in a Disaster scenario? • Hurricane Sandy $30B+ Insured Losses • Number and location of Cloud datacenters • What’s is the CSP’s “guaranteed” RTO • 24hrs? • 12hrs? • 4hrs? • Virtual Spin Up?

  9. FEMA Disaster Zones Floods Hurricanes Earthquakes Floods Floods Floods Hurricanes

  10. Datacenter locations

  11. Is your Cloud Provider’s networklocated outside of FEMA zones?

  12. Summary • All Clouds Are Not created equal • Iron-clad Cloud technology • Trusted Advisors • Guaranteed SLAs • Audits &Testing

  13. Thank You – For More Info • Dan.bowman@evault.com • Watch an EVault Cloud demo: • youtube.com/user/EVaultSeagate

  14. Questions?

More Related