How to Choose a Cloud-to-Cloud Backup Provider for the Enterprise: New eBook
By John DeWolfChoosing a cloud application backup provider is like any technology decision: there is no one-size fits-all solution. You must determine which provider offers the best cost/benefit for your organization’s unique needs. Companies at the enterprise level typically have additional needs when it comes to purchasing technology. Data security requirements, for example, are more stringent for enterprise organizations. In today’s post we will take a look at a couple of the key features associated with cloud-to-cloud backup systems.
Encryption and Safety
As all IT professionals know, there is no such thing as perfect security, so understanding the safeguards built into the storage of your backups is critical: how protected is your data in the event of a breach?
First, you should make certain that your data is encrypted when at rest. That is to say, the data in your backup system is encrypted at all times, such that a hacker stealing the file does not expose the data.
Second, you should understand the encryption-key management techniques used by your vendor. The two primary key management options are:
- Single Key for All Customers: This is the least secure because if this one key is compromised then all customer data is at risk…
- Key per Customer, User or Object: This is more secure as long as these keys are likewise protected by some other master key… In these cases, an intruder would need to compromise progressively more keys to get access to your data.
SLA on Data Security
An SLA typically refers to the uptime of an application, but for a backup service, the most important aspect of the SLA should relate to the reliability of the service to back up your data. If you need to restore data, you must first have the right data backed up. This is different than the durability measure, which guarantees that your backups won’t degrade or become lost over time. Backup integrity ensures that your data is accurately duplicated during the backup process. Ask your vendor what their SLA guarantees as to the integrity of backup data.
Documented Security Policies
Any SaaS vendor – cloud-to-cloud backup providers included – should have a documented security policy that the company can provide you, in writing, at any time. The policy should include specific practices around these key areas:
- Physical hardware security
- Security update frequency
- Audit frequency
- Policy for notification of breaches
- User password strength requirements
These features are only the tip of the iceberg when it comes to making a well thought out cloud-to-cloud backup purchase. Please download a copy of the complete guide below to understand all of the key features your business should be considering.
