Blog

Checklist for secure cloud providers

More and more companies are turning to cloud services in their everyday lives that were actually developed for consumers. But do these solutions really offer sufficient protection for sensitive data?
Six steps to a secure cloud

Practice shows that companies often do not know whether their cloud service provider (CSP) really complies with all regulations. This checklist helps you to better assess your risk and ensure the necessary level of security, compliance and governance when dealing with cloud services.

1. Who controls the hardware?

Anyone commissioning a third party must ensure compliance with security standards – and be able to verify who has access at any time. So make sure that your service level agreements continue to be adhered to after they have been signed.

2. What happens with your company data?

Network monitoring should provide all the information necessary to meet compliance rules, as risks remain even without a breach of data protection. This is already the case when companies do not know whether their data is at risk in the first place.

3. Where is the data stored?

In many cases, the risk lies with the company, even though the data is stored with an external provider. Thus, companies should also ensure that the management of keys is carefully supervised. In the end, it must always be clear who owns which data.

4. Who processes your data?

If a company has special requirements regarding hardware, network, storage, users and administration, a provider usually cannot meet these requirements. Therefore, you should demand full access to user protocols and integrate them into your own set-up.

5. How do you collaborate?

Naturally, everyone wants to avoid data silos. But there is always data that must not leave the company. A separation between cloud service and internal processes is therefore necessary to meet each company’s high standards.

6. Do you comply with all relevant laws?

If a company can prove beyond doubt that it has complete control over its data, then the first big step has been taken. Failure to do so could have serious consequences if data protection regulations are violated.

ownCloud

June 26, 2020

Read now:

Understanding Web Applications in oCIS

Understanding Web Applications in oCIS

In today’s fast-paced digital world, web applications play a crucial role in enhancing user experience and functionality. Infinite Scale comes with a world-class web interface to manage file resources, but it can be extended by utilizing ownCloud Infinite Scale (oCIS) as a construction set for custom web apps.

read more
Full digital sovereignty has 3 levels

Full digital sovereignty has 3 levels

Digital sovereignty is becoming increasingly important for public authorities and companies – and they already have the option of using fully sovereign software stacks. Content collaboration specialist ownCloud explains what sets them apart.

read more