You are coming from a line of business and have seen the benefits that cloud services can bring to your organization and want to leverage them?
You don’t have the technical background as your IT colleague has, but you are also concerned that your critical data is stored in and accessible via the cloud?
Here is a list of questions that you should ask a cloud service provider, when thinking about running cloud solutions. If your cloud service provider can address them, it’s the one of your choice... and should be good to stand in front of your IT department.
The questions are structured according to the top security concerns in the cloud.
Identity Management
SaaS architectures involve Web-based applications and communication that occurs via the internet. The questions that should be asked here are:
Data Location
Giving your critical data in the hands of your cloud service provider requires trust. Thus it’s important to know where it is stored and how it is protected. To have peace of mind the following questions should be processed:
Data Storage
In a SaaS model, your data is stored in the data center of the vendor together with data from other companies. Thus, the following questions should be answered and compliance regulations should be addressed:
System Operations
Your provider must ensure that the general capabilities of secure and stable IT operations comply with industry standards and technology best practices. To achieve it, your vendor should be able to answers the following questions:
Data Transmission & Flow Control
SaaS uses the public internet to transmit data and therefore transmission security is required. Here the questions to be answered:
Miscellaneous
SAP is dealing with critical customer data over decades and runs secure. This knowledge built up is used to protect your data in and around the cloud.
But Security it is not only about Certification & Data-center. The concept of a vendor needs to go far beyond that. It needs to address the operation of data, storage of data and e.g. the portability of my data because I might want it today on-premise and tomorrow in the cloud.
See more in depth information from my colleagues and experts here:
Last but not least one major aspect should be highlighted when it comes to security - the culture.
Employees of a cloud vendor should have this security thinking implanted in their DNA. Be careful with your passwords. Lock your devices whenever you’re not working with them. Take security serious at an early stage of developing new software. Employees of SAP are experts in that topic. Every employee gets a wide range of security training and has to pass tests on a regular base.
Any remarks? If yes, please let us know. We are happy to engage with you.
Follow us on twitter to stay informed about the hot topics around the cloud.
Sven Denecken (@SDenecken) and Nikolai Vetter (@NikolaiVetter)
_________________________________________________________________________________________________________
Read other relevant blogs:
SAP Cloud - Quarterly update Q1 2014 by @SDenecken
10 #Cloud Computing Trends for 2014
Clearing the Clouds around the Cloud
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
37 | |
19 | |
13 | |
12 | |
11 | |
10 | |
10 | |
9 | |
8 | |
8 |