Data security is often cited as one of the biggest concerns of moving to the cloud. According to a recent AICPA survey, the top barrier to adopting or expanding cloud solutions are security concerns (63.1%). Whether you are looking for a cloud accounting solution, or moving other business data to the cloud, choosing your provider will be a critical decision. Not all cloud computing providers are created equal. In a whitepaper entitled, Making the Leap to the Cloud: Is My Data Private and Secure?, Thomson Reuters shares 16 questions you should ask potential providers to determine if they can meet your security needs.
1. How many years have you been providing cloud computing solutions?
Look for a provider that has demonstrated years of experience in cloud computing solutions. Cloud computing has been around for more than 10 years, and the most experienced vendors have worked through all its complexities.
2. What class of data center do you use?
Look for providers that offer Tier 4 data centers. Tier 4 data centers offer built-in redundancies that are important for protecting sensitive accounting data.
3. Do you have backup data centers? Is my data replicated at multiple data centers?
Providers with backup data centers can ensure uninterrupted service in case of infrastructure failure. This will also demonstrate the level of investment the provider has dedicated to your cloud computing solution.
4. What types of security audits do you perform on your systems to protect me from hackers?
Look for providers that contract with third party intrusion detection audits. This demonstrates an ongoing commitment to maintaining the highest level of security.
5. What policies do you have in place to protect the privacy of my data?
Make sure the provider’s employees understand how to protect your data. Ensure that they have procedures in place to maintain their standards.
6. Have you ever had a security breach? When and how will you notify me if there is a security breach?
Hopefully, your provider has never had a security breach. If they have, find out what they learned from it and how they plan to prevent it from happening again. Also, make sure they have procedures in place to notify you if a breach does happen.
7. What happens to my performance if your client base grows rapidly? Is your system scalable?
You should make sure your provider is monitoring the load on their servers and has a proactive plan in place to add servers if necessary.
8. How many clients do you have in your shared cloud computing environment?
Most providers offer a shared infrastructure. Make sure they have a significant number of clients using their cloud computing solutions. This demonstrates experience, client satisfaction, and scalability.
9. What is your largest client?
The answer to this question can help you determine whether the size of your firm is a good fit with the resources the provider has to offer.
10. How is your support team trained to protect the privacy of my data? What can I expect from them when supporting me?
The support team at any cloud computing provider should have strict procedures in place for protecting the privacy of your data, and they should be enforced consistently.
11. How can you help me optimize performance if my applications don’t work well with your hosting?
Cloud computing providers should have technical experts on staff that know how to optimize application performance over the Internet.
12. How do you monitor your system performance?
Experienced cloud computing providers should have sophisticated tools for monitoring their servers and performance metrics. They should manage system availability and schedule system maintenance in a way that minimizes disruption.
13. What experience do you have with the accounting profession?
The accounting profession has a highly seasonal business. You want to make sure your cloud computing provider is sensitive to accounting busy seasons and deadlines. Make sure they offer extended support hours during busy season and that they limit system maintenance and updates during peak times of the year. Learning when they perform system maintenance should help you understand their experience with the accounting profession.
14. If I use your firm to store my cloud computing data, will it be accessible to anyone on the Internet?
There are two types of cloud computing services. The first type is public cloud computing, which hosts public applications like Yahoo and Google. These types of services are publically accessible via the Internet. The other type is called private cloud computing. These applications are restricted between the cloud computing provider and their clients who subscribe to the service. Most business applications are private cloud computing applications.
15. How will I be able to access my data?
You need to discuss the types of data access that your cloud computing provider offers. You should also discuss how you will receive your data should you choose to switch cloud computing providers and move your data to a new location.
16. Can I visit a data center to inspect the facilities?
Many data centers provide scheduled tours of their facilities. These tours will highlight the data center’s physical security capabilities and technology. Firms are typically expected to pay the travel expenses to the data center for these scheduled tours.
For more information on cloud accounting solutions, click here. or visit the additional resources below.