Conduct A Strong Evaluation
Companies considering working with a cloud provider need to properly vet the service, seeking validation of the architecture's security and the state of nearly every aspect of its information security program. Cloud security experts say businesses need to treat the engagement like an evaluation of any technology provider, request to speak to the security team, find out how it conducts penetration testing and determine if its incident response plan is adequate. Some firms request to see the provider's security operations center and add services into the cloud contract negotiation, such as continuous monitoring and access to logs.
Here are five questions you should ask and have answered.