hello Back

Cloud security: key questions to be considered

Cloud technology has never been more appealing than now. As a business, one of your primary concerns lies in the ability to deliver your services and products, regardless of the workload, and that’s where the cloud becomes an interesting option.

These are the 5 key questions every business should try to answer in evaluating the adoption of this platform:

Why are you going to the cloud?

There needs to be a clear reason why you are bringing your data or infrastructure to the cloud. Cloud migration needs careful planning and a well-crafted step-by-step transition. It can’t be treated as an experiment ‘’to see what the cloud feels like’’.

What data or business capability needs to be in the cloud?

You need to establish what exactly needs to be hosted in the cloud and the advantages your business will gain from that move.

« Hosting a critical business application in the cloud is a great idea as long as you consider some type of remediation in case of Internet outage. »

What type of compliance would you need in the cloud?

There is a crucial need to identify the compliance standards your business is subject to, especially with the kind of data hosted in the cloud:

  • Are you processing Personal Identifiable Information (PII) or Personal Health Information (PHI)?

  • Is your business looking to only do business with an ISO 27001 certified cloud provider?

How do you ensure security in your cloud environment?

Some security controls have to be put in place following a thorough risk analysis. To ensure that the controls implemented are efficient, a security audit would be the perfect way to assess your cloud security posture.

How do you control cost expenditure in the cloud?

Managing costs is crucial to all companies across the board. Cost management in the cloud can be quite tricky and requires a detailed view of consumption. IT teams focus on productivity, which does not make them the best entity to manage costs.

There are many gains to having data and infrastructure in the cloud. Many of the cloud data breaches heard in recent news are blamed on misconfigurations. That represents only part of the answer. Ensuring security for cloud environments requires a top-notch expertise both technically and strategically from an independent party. That is indeed what makes working with a trusted cybersecurity partner like ESI so valuable.

Aziz Touré
Security Specialist, ESI Technologies