Cybersecurity

To cloud, or not to cloud.  That is the question.

By Veriato Team

If you are thinking about storing sensitive information in the cloud, you need to be as sure of the security of that data as you would be storing it on your own infrastructure. In effect, you are outsourcing data storage. And there are good, valid reasons to do so. Most of them stem from a lower costs (or the perception of lower costs) and management overhead.

Here is a list of questions you need to have answers to before committing to a cloud based service.

Physical Security

  • What access controls are in place at the data center?
  • Is the data center SAS70 certified?
  • What are the processes and procedures around physical access to the servers where your data is stored?
  • Who is allowed access?
  • How are they vetted from a security perspective?
  • What background checks were performed?
  • How is the staff that has access monitored?

If the provider you are thinking about trusting with your data is serious about security, they will be able to produce a document that speaks to this without hesitation.

Architecture

  • What happens if another customer in the shared environment overuses their capacity?
  • What are the impacts to you?
  • What guarantees are you offered that your performance will not be impacted?
  • What logical security exists to ensure that no one else besides you (and the people at your outsourced provider) can access your data?
  • What encryption is used when the data is in motion?
  • What encryption is used when the data is stored in their data center?
  • What auditing exists to you can look and see how your data is being accessed, and in the worst case, how a breach occurred?
  • What disaster recovery options are offered?
  • What is their Recovery Time Objective (RTO) to restore your data in event of a hardware failure?
  • What is their Recovery Point Objective (RPO) that measures their tolerance for data loss, and is it an acceptable level for your company?
  • Who has access to the backups?

A quality provider will be able to provide detailed documentation that addresses these questions without hesitation.

Veriato supports private cloud deployments, and encourages our customers to be certain they have addressed the above should they consider deploying our technology into a shared cloud infrastructure. While many of our customers elect to deploy using a private cloud, routine surveying of our customers – particularly those in financial services, healthcare, pharmaceuticals, and manufacturing (area where compliance mandates require greater control and where the value of corporate data is fully understood) tell us that an on premise deployment remains their preferred approach.

2023 Preparedness Checklist: Ensure Your Workforce Is Productive and Secure

This guide will help you understand where there are opportunities and risks in your workforce, and what you can do to make sure 2023 is as secure and productive as possible with workforce behavior analytics.

About the author

Veriato Team
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Quis ipsum suspendisse ultrices gravida.

Productivity & Insider Risk Resources

A More Insightful, Proactive Approach to Employee Monitoring

A More Insightful, Proactive Approach to Employee Monitoring

Also known as “bossware” and even “employee surveillance”, employee monitoring has been placed in the bucket of technologies that companies force on their employees. Whatever you call it, its use is on the rise and it looks like it’s here to stay. As of 2022, 60% of...

Bossware and the Future of Work

Bossware and the Future of Work

Recently, there has been considerable coverage of “bossware” and a focus on draconian types of “surveillance” some companies are using to stay on top of remote and flexible workforces. Articles claim companies are accessing the camera on laptops and tracking every...

The Myths and Truths of Employee Monitoring

The Myths and Truths of Employee Monitoring

Early in the pandemic, searches related to “how to monitor employees working from home” increased by 1,705%. Without the oversight of managers in an office setting, many companies are concerned that their employees are less productive, and that there is an increase...