10 questions you need to ask a cloud service provider
16th August 2017
So you’ve made the decision to switch to the cloud, congratulations, you’ve made the right choice!
Better security, lower IT costs, and more flexibility, you will be wondering why you didn’t make this decision ages ago.
However, as with all new products or services, you need to ensure you are getting the right product for you. Will it do what you need it to? Will the service you get suit your needs? Do you fully understand what’s included and what isn’t?
Think of it like choosing an insurance policy, you need to take the time to find out what is covered and what happens if disaster strikes.
There have been some stories in the media recently where consumers thought they were fully protected in the event of a cyber-attack, and when it came down to it, what they were paying for just wasn’t what they expected.
So we’ve put together a handy checklist for you to ask potential providers; and actually, if you already have services based in the cloud and you aren’t sure of any of the below, then you need to ask these questions now, and ensure the service you have is right for you.
Where is your data being backed up to?
This might not seem an obvious question to ask, as you just assume that the cloud service provider will take care of all of that, why do you need to know?
You should want to know, not only so you can be reassured that your data is not being kept in a back office somewhere that’s on a dodgy industrial estate that’s right next to a river which regularly floods. It’s also important because the rules on data protection are changing, and you will legally need to know where your clients’/customers’ data is being stored, they have a right to know this, and you are legally obliged to tell them
How often is it being backed up?
This is key. You need to ask yourself how much data you can afford to lose at one point. For example, if your system is only being backed up once a day, the most you could lose if something happened and everything went down is 24 hours’ worth of work. What disruption would that mean for your business? Will that break any compliance or regulation rules in your industry?
At Host My Office, we back up your system every five minutes. Yep, no kidding. So if a virus started hitting your system when you got up to make a cup of tea, then we would have restored it back to where you had it, and you wouldn’t even have known the difference.
So for peace of mind, ensure you know what the consequences of any disaster hitting your computer systems are.
How is your data being kept?
It’s important to know how your data is being kept and in what form. You need to know that it’s secure, but also that it’s been encrypted, reducing the chance of unauthorised people gaining access to it. Check the level of encryption, whether more stringent measures are being taken than just a password to protect it, etc.
You may also want to know how the provider screens their own staff to ensure that the right people are working for them and that they will be responsible in handling your data
Is there a backup of the backup?
This may seem a little bit over the top, but nothing is foolproof. If your service provider’s own servers go down, can they restore their own systems? Ideally, your data should be kept at more than one geographical location, and each copy should be backed-up at the same time, so are exact replicas of each other. Anything happens, and your business should continue operating as normal
What exactly is being backed up?
Dependent on the type of plan you have with your service provider, it may be that not all your data is being backed up, it would be wrong to assume this automatically, which is why it is best to check. For example, when you signed up for their services, you may have handed over what was on your server at that time. If you have added additional folders/projects etc., your provider might not necessarily know that they exist, so it’s important to determine what’s being backed up, and whether you need to keep in touch and let them know if there’s anything new that they need to include. Likewise, anything that they can delete to free up some storage
How long do they keep the data for?
You need to know how long your data is stored for. For example, we back-up data every 5 minutes, and then it’s moved to a weekly file, then monthly, annually, then after 10 years we will begin to destroy it. For regulatory or compliance purposes you may need to keep data for longer, so just ask the question to ensure the length of time your data is stored for is suitable for your needs
How do they restore data?
Not only do you need to know how quickly you can access your data, but what data will be available to you. Some providers will restore each file individually, whereas we at Host My Office will restore the whole lot at once. You need to know how quickly you can get up and running, and whether you would be happy with having to identify individual files you might need if your system does go down and manually request these to be restored first
Will you be fully protected in the event of a cyber-attack?
Just as an aside – this is the right question to ask, and not ‘will I be fully prevented against cyber-attacks’. Cyber-attacks will keep happening as criminals work out new ways to get around firewalls, or to encourage people to unsuspectingly open infected emails, for example. Think of it like antibiotics. New strains of diseases are always popping up, and so medical researchers are having to constantly produce drugs to counteract them. The same is true of computer viruses.
So you may well be the victim of a cyber-attack, but this will not be the fault of your cloud service provider. What you need to know is that your data is protected in the event of an attack, that the provider can take your systems off line, recover and restore as if nothing had ever happened.
What control and access do you have over your data?
You want to know who has access to what, and ensure that you can control this at all times. From when the data is created or files handed over, right through to when it is destroyed. You need to know that you will have access at all times, and be able to decide who else has access to that data (think new starters and old leavers). Again, this is important for data protection rules. It’s also important that any changes made to your data has a trail, so you can track this back if needed and see who has changed what
Also a good question to ask is what happens if they need to do some maintenance on a server or have some downtime to do upgrades, can you still get hold of the files you need?
How much is it going to cost?
This question seems obvious, but you need to think about the price quoted to you, and what services you get in return. If the price looks too good to be true, then it probably is. If you want to pay £30 a month, then your level of protection is probably not going to be fool proof.
The level of security and features you’ll get will increase the more you pay. Again, it’s like an insurance policy. The more you want to have covered, the more you have to pay for it. You need to take the time to work out what it is that you want to have in place, and what exactly you get for the price you want to pay.
It’s also worth thinking here about what happens as you grow, how much capacity you are paying for at the moment and what that means if you need to increase storage. You don’t want to be paying for storage that you aren’t using, but also you want to know that if you do need to upgrade your plan that it isn’t going to cost a fortune, so that you feel trapped in a system which isn’t suitable for your needs.
Lots of questions to ask and information to consider before you jump in and make that decision to hand over all your files. Because essentially that’s what you are doing, and you want to be reassured they will be the right people to look after your data.
If you’d like to get in touch with us to see how we could help, we’re happy to sit down with you and go through how we’d work with you and support you and your business.
For a no-obligation chat, cup of tea and even a biscuit, please get in touch with us.