Businesses and individuals are flocking toward a highly virtualized Cloud Computing environment. Although they are completely digitized, Cloud Service Contracts still demonstrate the same traits as any other legal binding document, which means there is a possibility for errors. This could prove risky for your business.
Questions on Cloud Computing – a Much Needed Topic to Discuss
It is vital to think and to analyze in detail about the service your organization is going to choose, to run their business online. However, if a company takes proper measure and ask a couple of crucial questions discussed below from the service provider, then they will be in a better position to decide which service provider best fits with their business requirements.
This post is an attempt to identify some crucial questions that need to be asked from Cloud service providers before a final decision has been made on a vendor.
1- Can the Vendor Demonstrate Similar Deployment?
The Cloud market is no different from any other in the technology landscape. Many go out of their way to prove their worth to potential customers. Getting a first-hand view of vendor’s previous projects will serve as prove here.
The regulation of vendor-client relationship may be in place, and not all vendors may be able to demonstrate their capabilities in the manner you require.
Additionally, you may also request for customer feedback or testimonials regarding their experiences with the vendor, it would certainly help you in finalizing the decision.
2- How Viable is your Service Level Agreements?
The SLA is the commitment on service quality, performance and availability. It provides a framework to align issues and reservations of the service provider and the client.
SLAs serves as a necessary backup contract, to ensure that both parties will perform respectively as committed in the agreement. Make certain that all your concerns are properly covered in the SLA before signing it off.
3- How Secure is my Data? Am I the Only One who has Access to my Information?
Data security is of main concern when businesses are considering moving to the Cloud. Best cloud service providers offer standardized encryptions of at least 128 bit over Secured Socket Layer (SSL) to ensure data protection transmission and storage.
A vendor must be able to provide you with an encrypted password facility, and must be able to ensure that your confidential data is only accessible by authorized persons. Even the employees of the Cloud service provider must not have access rights to your information.
4- What if the Vendor Loses your Data or some Part of it?
Data Protection is of core importance for companies and businesses. According to a recent study, 63% of companies go out of business within the first six months of operations due to data loss. You must go through data protection policies of the Cloud service provider, as well as their auditing procedures.
One other study showed that Cloud providers often refuse to accept liability in such matters. Hon the other hand, many Cloud providers offer various forms of compensation schemes against partial or complete data loss.
5- Who Is Liable If Data Is Lost During Transmission Due To Service Interruption?
A clone of your digital data is stored in different locations to guarantee backup recovery and data protection. But how many third party data centers have a secure copy of your data? What if more than one data center gets affected due to some disaster, do they ensure complete restoration of your data?
The best Cloud providers use incremental backups to ensure protection of your data, and create images of all data at particular restoration points. Does your Cloud provider incorporate such practices.
6- Where Is Your Data Actually Archived?
Some providers do not disclose the location of their data centers. Such a practice raises questions and creates doubts? You must know the location of data center where your data going to reside. Give it a visit if possible. It will help to analyze the level of security and reliability your Cloud provider is offering.
Here is a short list of why you should know your data’s physical residing location:
- There are restrictions for processing personal data of European national outside EU.
- The physical location of data centers assists in understanding which country’s laws are applicable in case a court dispute arises
- Are there any significant disaster risks possible like floods, earthquakes, war etc.
7- What If My Company Decides Migrating To Another Vendor?
Businesses grow over the time. What if your current service provider is unable to meet your requirements? As a result, your company will need to look for an alternative solution.
Very few Cloud providers offer data portability service, and, although, it should be an important part of a decent Cloud service you will most often find yourself stranded. Make sure your Cloud service provider possesses the capability to easily migrate your data to another solution or vendor.
8- Who would be Responsible for Maintaining Data for Legal and Compliance Rights?
A Cloud Service Agreement (CSA) covers this aspect adequately – liabilities, warranties, guarantees, limitations, rights and responsibilities of both the parties must be clearly mentioned.
The Data Retention Policy should be defined clearly. This will be useful in case of any legal correspondence for instance e-discovery litigation or preservation of data as an evidence by law enforcement agencies.
9- What Happens When The Contract Is Terminated?
Often neglected, this clause in a Cloud Service contract specifies the time period until the service provider agrees to keep data. If not specified in the beginning, it can prove detrimental to a business.
Most service providers delete data immediately or in a few days after a contract has expired or terminated – whichever comes first. Ensure that an appropriate period is provided by the vendor before deleting your data.
Questions about Cloud Computing – Let’s move on to the Conclusion
Although, the benefits associated with Cloud Computing services are numerous, and of great importance to organizational growth and expansion, it also carries some distinctive risks related to data security, legal issues, compliance matters, and privacy policies.
A proper due diligence of Cloud providers, along with a carefully drafted Cloud Service Agreement (CSA) covering all important areas (performance, service limitations, data security, governmental and third-party litigation policies, data migration, confidentiality of secret information, and exit plan), would go along way in ensuring that your business gets a fair deal.
Cloud Computing has real-world contribution and has enabled billions of dollars of transactions. Your business will almost certainly benefit from migrating to the Cloud (if not already). A simple checklist (you may use this post as a reference point) on Cloud Computing requirements will set you up on the right path to Cloud adoption for your business.