Concern over securing data in the cloud is a showstopper for many who are considering migrating high-value applications and databases. It needn’t be, not if you do your due diligence, and ask prospective cloud service providers (CSPs) the right questions.
You also need to ask yourself some questions.
- What level of risk do I currently accept running this application where it is?
- Am I looking to match security levels I have now or improve security for this application in the cloud?
- What, if any, tradeoffs are there between security, functionality and efficiency to be considered?
The bottom line, as far as data security in the cloud is the concerned, is whether a CSP can do the job as well or better than what you have been. Be most concerned about those areas where it cannot.
Planners worry more about physical data security when evaluating CSPs. The CSP’s framework must be able to support your compliance guidelines and any relevant government regulations. Have your internal audit or compliance office conduct a capabilities review and, if needed, do it in cooperation with the appropriate government regulators.
Here at Peak 10 our data center facilities, which provide the foundation for our cloud solutions, are audit-ready for customers who need assistance in meeting the requirements of many certifications and regulatory demands. That includes the Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI DSS), the European Commission’s Directive on Data Protection (“Safe Harbor”) and Sarbanes-Oxley (SOX), for example. Every year Peak 10 is independently audited under the SSAE 16, ISAE 3402 and AT-101 audit standards.
We offer several firewall services, from basic with VPN services to managed firewall and intrusion detection and prevention systems, allowing customers to tailor a solution best suited to their security requirements.
Each of our 23 data centers has been commissioned individually by an independent quality assurance and mission-critical engineering team. The qualification process applies key standards for mission-critical data center facilities including ANSI/TIA-942, and other standards established by the Uptime Institute, ASHRAE, NFPA and critical infrastructure manufacturers.
Creating and maintaining robust and secure data centers and cloud services for safely storing data is no simple task, and threats of malicious intent will persistent forever. Peak 10’s Office of Audit and Compliance works diligently to see that these threats fail to undermine our customers’ trust in us.