Must-Haves and Must-Avoids of XaaSBy Tony Kontzer | Posted 2009-06-04 Email Print
Modernizing Authentication — What It Takes to Transform Secure Access
What to look for -- and what to avoid -- in a cloud service provider.
What should you look for in a cloud offering? Here are some things cloud service providers should bring to the table—and some reasons to avoid certain providers.
XaaS providers should offer:
- assurances that data can easily be extracted and moved to another provider;
- a clear explanation of their security schemes and a willingness to have those schemes audited, as well as an explicit plan of what they will do for customers if security is breached;
- the ability to meet compliance and regulatory requirements;
- management tools that can track performance levels and provide executives with dashboard snapshots of usage trends;
- all details about whoever is granted special access to data;
- a transparent view of who their providers are;
- the ability for you to control the location of your data; and
- provisions regarding what happens to your data in case of disaster, or if the service provider should go out of business.
Conversely, XaaS providers should be avoided if:
- their security measures don’t meet your security requirements;
- you feel uncertain of their long-term viability;
- they won’t agree to limit future rate increases;
- they can’t tell you the types of companies that will store their data on the same servers you use to store your information;
- they don’t provide you with a simple way to log activity for compliance purposes;
- they lock you into a proprietary format to which you’re not 100 percent committed; or
- they can’t guarantee that your data will be portable at a moment’s notice.