The Bunker helps our clients to understand how Cloud computing can support their business and assist them in the development of a robust Cloud adoption strategy. With so much choice and opinion it is difficult to be sure that you are making the right decisions.

We have always regarded security as the number one consideration and Cloud is no different. That is why we have very carefully examined all the technologies available and the processes and procedures necessary to remain Ultra Secure, to ensure that you can safely benefit from the rewards that Cloud services can offer.

Our experienced and knowledgeable teams of consultants, solution architects and project managers will walk you through your journey ensuring that at every stage you are secure in the knowledge that you are making the right decisions for your business.

Cloud Computing: the checklist

Ultra availability in the UK’s most secure Cloud.

The model for Cloud computing is still maturing, which is why our experts will always discuss your needs and advise on the most appropriate way for you to get the best balance of business advantage and data security.

As your Cloud provider, we recommend you consider the following security issues:

• Privileged user access
• Regulatory compliance
• Data location
• Data segregation.

Privileged user access

Sensitive data processed outside the enterprise brings with it an inherent level of risk, because outsourced service providers are not all subject to the same access security controls that internal IT departments are.

We believe it is important to understand:

• Who manages your data
• Who has access to your data
• How your data is protected.

Ask your potential Cloud provider to supply specific information on the hiring and vetting processes they employ, and the control of privileged administrator access.

Regulatory compliance

Clients are ultimately responsible for the security and integrity of their own data, even when it is held by a service provider.

Traditional service providers are subjected to external audits and security certifications. A potential Cloud provider who refuses this level of scrutiny should only be used for the most trivial functions.

Data location

If you use a public Cloud, you may be unaware exactly where your data is hosted. In fact, you might not even know what country it will be stored in and what local privacy regulations apply.

Ask potential Cloud providers:

• To commit to storing and processing data in specific jurisdictions
• To make a contractual commitment to obey local privacy requirements on behalf of their clients.

For example, with us, all your data stays in the UK. You always know where it is and which laws apply.

Data segregation

Data in a public Coud is typically in a totally shared environment alongside data from other customers. You may be sharing firewalls, storage and processing leaving yourself exposed to risks.

As a Cloud provider, we employ segregation policies for all customers in a way that reduces risk to the low levels as low of a private Cloud.

With us, no server contention disrupts your quality of service. You have a dedicated blade server, backed by a meaningful SLA and 24/7/365 support, monitoring and alerts.

Best practice summary

• Ask where your data will reside and how it is protected
• Check on adherence to data protection laws in the relevant jurisdictions
• Ask prospective suppliers about their physical security and staff vetting controls
• Check which third parties the supplier deals with and whether they can access your data
• Ask about exception monitoring systems and processes
• Check the supplier provides a 24/7/365 ITIL based support and service desk
• Ask about service level availability guarantees and penalties
• Check whether the cloud provider will accommodate your own security policies
• Seek an independent security audit
• Talk only to potential Cloud providers with recognised security certifications

To talk to us and find out more about our Ultra Secure Cloud click here.