Checklist for secure cloud providers

Posted by ownCloud GmbH – 26. June 2020

Six steps to a secure cloud with ownCloud

More and more companies are turning to cloud services in their everyday lives that were actually developed for consumers. But do these solutions really offer sufficient protection for sensitive data? Practice shows that companies often do not know whether their cloud service provider (CSP) really complies with all regulations. This checklist helps you to better assess your risk and ensure the necessary level of security, compliance and governance when dealing with cloud services.

1. Who controls the hardware?

Anyone commissioning a third party must ensure compliance with security standards – and be able to verify who has access at any time. So make sure that your service level agreements continue to be adhered to after they have been signed.

2. What happens with your company data?

Network monitoring should provide all the information necessary to meet compliance rules, as risks remain even without a breach of data protection. This is already the case when companies do not know whether their data is at risk in the first place.

3. Where is the data stored?

In many cases, the risk lies with the company, even though the data is stored with an external provider. Thus, companies should also ensure that the management of keys is carefully supervised. In the end, it must always be clear who owns which data.

4. Who processes your data?

If a company has special requirements regarding hardware, network, storage, users and administration, a provider usually cannot meet these requirements. Therefore, you should demand full access to user protocols and integrate them into your own set-up.

5. How do you collaborate?

Naturally, everyone wants to avoid data silos. But there is always data that must not leave the company. A separation between cloud service and internal processes is therefore necessary to meet each company’s high standards.

6. Do you comply with all relevant laws?

If a company can prove beyond doubt that it has complete control over its data, then the first big step has been taken. Failure to do so could have serious consequences if data protection regulations are violated.

Please fill out the form below to get your download.

Please deactivate your script blocker or use a different browser to load the form.

By submitting this form, you are granting ownCloud GmbH permission to contact you. You can revoke permission any time using the unsubscribe link found at the bottom of every email or by sending an email to