Choosing a cloud service provider can be a daunting task. With so many cloud providers to choose from, it can be difficult to differentiate the good providers from the bad. Below are six questions from our “How to Choose a Cloud Service Provider for a Law Firm” guide enterprises should ask when determining which cloud provider to use:
- Do you meet regulatory compliances? Enterprises are accountable for their own data when it’s in a public cloud and they need to ensure their providers are ready and willing to undergo audits. Your cloud provider should be able to provide you documents confirming they meet the common industry compliance standards (PCI DSS, HIPAA, SOX, FFIEC, FISMA, etc.).
- Where are your datacenters located? The location of a cloud service provider’s datacenter is important. When selecting a provider, ask where their datacenters are located and if they can commit to specific privacy requirements.
- Will my data be segregated from other businesses? Most public clouds are shared environments. Therefore, it’s critical to ensure hosting providers can guarantee complete data segregation for secure multi-tenancy.
- What kind of disaster recovery plan do you include? Enterprises need to ensure their hosting provider has the ability to do a complete restoration of their data in the event of a disaster.
- What happens if you go out of business? Businesses come and go; therefore enterprises need to ask the hard questions about the portability of their data to avoid lock-in or potential loss if the business fails.
- What kind of service level agreement for uptime do you offer? The uptime targets should be 99.99% if possible (which translates to less than 5 hours of downtime per year), but may vary. Enterprises should ask the cloud service provider what their service level agreement for uptime is and what happens if it’s not met.
Choosing a cloud provider doesn’t have to be a daunting task. Using the above guide will make it easier to determine if the cloud provider you are considering offers the security, disaster recovery, and compliances your business requires.