Top Questions CFOs Should Ask of Cloud Providers
May 4, 2017
Cloud service providers are everywhere. In most cases, you get what you pay for, but there are some startups who will charge more to get the capital to invest into better hardware. Before a CFO signs an agreement it is imperative they ask the right questions from potential cloud service providers.
What Cloud Services do they Provide?
Most cloud service providers make their bread and butter from data storage. They take your data, slap it onto a server, and they are done. However, larger and more experienced providers can offer a lot of extras you may not know about. Software offerings could include their own program they have made for a specific purpose for their customers. There may be an extra charge for it, but the provider may offer it as a way to sway you to join their service. Other providers may be more than a cloud service provider. TOSS C3 for example, is also a managed service provider, and they offer IT outsourcing. They also specialize in disaster recovery and have their own software, vBCDR.
Data Center Location
Data center location can be a real issue for insurance companies. Their data cannot go out of the country, so it is important to make sure their data storage states within the States. For disaster recovery considerations it is best to have more than one data center just in case one goes down for some reason. Many providers have a multiple data center configuration, and your data will be transferred between multiple centers. This ensures your data is on multiple servers and is accessible at any moment.
Make sure to find out how the cloud configuration is set up for your office and mobile devices. In most cases, your data is accessible as long as you can get to a network connection, but that is not enough. In the insurance industry, you must make sure there are no prying eyes when you are at the coffee shop or in a hotel out of town.
Hackers like to piggyback on wireless signals and gain access to servers. So, ask the cloud service provider about the protection they have available for mobile technologies. Besides firewalls and anti-virus software, they should have dual verification and encryption services that can encrypt your data immediately. If someone takes your laptop they will not be able to break the encryption and access the network of the files.
The insurance industry has not yet set strict limits on accessing the cloud. Client files must be secure, and the agent should use every sensible option to make sure they are. So, the cloud is not mandated by any states, nor any insurance boards. That does not mean certifications are not important. Cloud providers should have certified technicians to handle specific hardware and software issues, as well as PCI DSS or TRUSTe or other possible certifications you require. Let the provider what your needs are and see if they have the necessary certifications.
There are many other questions to ask, but this small list will get you started. The key is to ask all the questions before you get to the contract. Make sure you understand every aspect of the contract and don’t take any oral promises as guaranteed unless it is in writing as well. Get a free assessment, and see how TOSS can help you today.
Subscribe now and stay up to date with News, Tips, Events, Cybersecurity, Cloud and Data Compliance.