Don’t Put Your Cloud Data On Autopilot
Security, recovery, and support are most important.
Is your data secure? Checking details on security should be your first priority when selecting a cloud provider. Whether you’re storing patient records, CRM data, or marketing materials you don’t want it to end up in the wrong hands. First, you’ll want to select a provider that’s passed an SSAE 16 (Statement on Standards for Attestation Engagements 16) audit. SSAE 16 is a regulation created by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA) for redefining and updating how service companies report on compliance controls. Cloud providers that have passed an SSAE 16 audit — ideally verified by a SOC (Service Organization Control) 2 report — have demonstrated they have proper controls in place to ensure security, availability, processing integrity, confidentiality, and privacy.
In addition to selecting a viable cloud provider, it’s important to verify that the backup software used to copy your data from your premise to the cloud provider’s data center has the proper security controls in place. Ideally, you should only use a backup solution that provides military-grade encryption (such as 256-bit AES encryption) starting at the point of origin and maintaining encryption during data transmission and even while at rest at the final destination.
Is your recovery mission critical? Even if you get the first step correct, your cloud backup plan isn’t complete until you can know for sure that you’re able to recover your data in a timeframe that meets your RTO (recovery time objective) and RPO (recovery point objective). This is where a business class cloud backup and recovery solution separates itself from a consumer grade offering. The former will guide you through this process discussing all the factors that come into play when recovering data from the cloud, including your Internet bandwidth as well as services the cloud provider may offer such as copying your data to an external hard drive and mailing the drive to you within a guaranteed timeframe. It’s also important to check the fine print on hidden costs for data recovery services before signing with a cloud provider. Beware of “freemium” cloud backup offers that charge exorbitant fees if you ever need to recover your data following an accidentally deleted file, server crash, or a disaster.
What kind of support is included? Every cloud backup offering looks good when everything’s running smoothly. But, when it comes to computers, there will eventually be some kind of glitch that arises. Some problems are simple to fix (e.g., a computer was turned off or not connected to the Internet during the backup) while others can be trickier to identify or resolve (e.g. corrupt network drives). When problems occur, it’s vital that you can contact your cloud backup vendor and get the help you need. This is why it’s highly recommended to check out a potential cloud vendor’s helpdesk support before storing your data in their cloud. Some providers try to cut costs by outsourcing helpdesk support to overseas call centers, where language barriers and a lack of familiarity with the vendor’s products and services quickly become evident in a time of need. A little due diligence upfront can prevent a lot of frustrations later on.
While no cloud provider can guarantee 100% uptime, there is wide disparity between those who set up web servers in ordinary office spaces and try to pass it as cloud computing vs. legitimate cloud providers with physical security, data redundancy, and redundant power supplies (i.e. SSAE 16 audited providers). Choosing a cloud provider and cloud backup solution that meet the criteria outlined above will go a long way in ensuring your most important business assets are protected under any circumstances, and they can be recovered under any circumstance as well.
As the head of the Product Management team, Chuck is responsible for all product decisions including strategy, requirements, and roadmap at Intronis, Boston-based enterprise cloud backup and disaster recovery solutions provider for the IT channel. He has more than 30 years of software management experience and deep technical expertise in databases and data security.