Cloud Coverage: Pros and Cons of Outsourcing Your IT Infrastructure
This article originally appeared online here, and in Associations Now’s June print issue. By Karla Taylor, Associations Now, June 2013, Supplements Excerpt: Sample Questions About Cloud Security If you’re considering moving your AMS or other systems to the cloud, it’s vital to do your due diligence about security issues, including the safety of credit-card data and personal information. Here are three must-ask questions from Christopher Stark, president and CEO of Cetrom Information Technology, a cloud-computing service provider.
- Is your cloud environment secure? For example, how secure is employee access? Do you always encrypt client data when transmitting to and from your data center?
- What certifications do you possess, and how often are your services subject to an independent audit? A data center should meet the SSAE-16 standard and have a tier-4 rating. Ideally, the center should undergo an independent audit annually.
- Where are your data centers located? How much of my data will go to another country? Your vendors should invite you to tour a data center, and you should do so. Ideally, your data will have both geographic redundancy and data redundancy. In other words, the data should be replicated in several locations so that it will be preserved in case of disaster. And if your association is located in the United States, you want your data to be, also. That way, your data will be protected by local and federal laws and held to National Institute of Standards and Technology standards.