The first key to success is thinking long term, and planning optimistically for years of great service; also, when contracting with cloud providers, it’s wise to leave room for making a switch if necessary, or at least renegotiating service level agreement terms.
The second key to success is understanding security, particularly in a multi-cloud environment; ensuring corporate data and systems are protected from cyberattacks, intentional or accidental data lose internally, and threats from external actors is also critical.
While the cloud computing market is generally controlled by tech giants like AWS, Microsoft and Google, there are many smaller, more local providers, and a good number of competitive, often vertical industry niche providers.
Here are five recommendations, or questions to post to cloud service providers:
Come to the table with tangible, measurable expectations. This may seem obvious, but often the notion of moving certain compute needs to the cloud is driven from higher ups – for example, we need to save money, we need to make sure we can scale, we need to support digital transformation initiatives.
Clarifying your specific requirements and expectations in advance of assessing and then spending time with providers ensures you are comparing them against real-world requirements, including security.
Don’t be afraid to ask for references, even from the largest providers. Ask for use cases, ask for performance data, ask for economic results (“ROI” and “TCO”). Ask about their certifications & standards and request their full range of technologies, including those on future roadmaps.
When it comes to security, ask specifically about their data integrity measures, data governance and ability to meet standard and your own business policies. Make sure they are accredited with certifications including ISO 27001 and other compliance indicators, including government regulations
With so much integration, APIs, and general partnering associated with the cloud, make sure you understand exactly what the cloud service provider is delivering, vs. their partners, and understand how that might impact your SLAs, contracts and other commercial terms and remedies.
One of the biggest surprises coming from cloud service providers over the last decade has been fees associated with switching out of their services to another provider. As the cloud compute landscape becomes increasingly competitive, you can negotiate terms, but should do so upfront, so the relationship is healthy from the start.
Ask about your options, and don’t be afraid to negotiate.
You may find that a niche player provides the best option, perhaps because they understand your industry better than the tech giants. Or, you may find smaller, more local providers are more flexible when it comes to terms.
That’s great, but make sure your cloud compute provider has a track record of stability, a strong balance sheet, and enough capital to operate for years and even decades to come. Ask about any past legal issues, and make it clear your decision will be based on due diligence. Strong providers will respect your professionalism and approach.
In short, it’s important to get a “360” view of the contenders for your business, including technical and business capabilities, in addition to the less tangible “soft factors”, for example trust and cultural compatibility.
And in summary, there is no cloud service provider worthy of your trust if security is not a forethought and a critical part of their technology roadmap.
Author: Shannon Murphy
Elevating Privileged Access Management with Kron PAM and Microsoft Entra ID Integration
May 23, 2024
Enhancing Security with Kron PAM's Multitenancy: A Game-Changer for Large Organizations
Jun 10, 2024