Stay Secure in the Cloud by Working WITH Your Managed Services ProviderIf you’re working with a public cloud service or a managed services provider (MSP), you’ve likely given up some measure of security control. When you work with an MSP, you’re essentially relinquishing physical management to a third party. The economic benefits of an MSP are an obvious plus, but can you enjoy them without sacrificing security? The short answer is yes—if you maintain an open dialogue with your MSP about data security.

Assess Your MSP’s Security Measures

When searching for a reliable MSP, you’re entitled to a frank discussion about the prospective company’s security policies and practices. Identify your personal expectations regarding threat defense, access permissions, and data partitioning—and be prepared to carefully discuss these issues. Do the MSP’s policies closely align with your own? If you agree on a basic security philosophy, take care of some additional security measures, including:

  • Encryption protocol. If you’re in an industry like finance or healthcare, you may already be required to encrypt your data. Even if you’re not in a business that deals with sensitive client information or private records, you still need encryption measures. Decide whether you’re going to retain control of your own encryption or if you’re going to delegate it to your MSP.
  • Privacy and logs. Can you gain access to your MSP’s logs? If not, you’ll be in a tough spot when you’re hit by an industry audit. You’re ultimately in charge of complying with industry regulations—not your third party provider. Take proactive steps to ensure you won’t be stuck between the proverbial rock and noncompliance hard place.

Avoid Hindsight

While hindsight is definitely 20/20, lax security measure and leaning towards “online openness” has, in the past, wreaked digital havoc that ended up costing millions of dollars. In 1988, the world was exposed to what would become known as the first computer superbug. It infiltrated thousands of systems, and its impact only feels relatively small to us today because public Internet was still more or less in its infancy (anything similar today would probably cause damages totaling into the billions!). And it most definitely could have been prevented, if the National Security Administration had been less cautious about putting encryption on public networks. In retrospect, avoiding what was an extremely costly mistake was entirely possible, and a clear example of why being proactive about your own security needs is so important.

To avoid the being in the unfortunate position of remorseful (and pricey) hindsight, take a hands-on approach to choosing your MSP. Keep an open and running dialogue with them to ensure they’re up to the challenge. Decide how much control you’re willing to relinquish for encryption and data storage. Ask for complete transparency in how an MSP stores and moves your company’s important information. Remember: A little bit of prevention now will save your business from a possible breach or non-compliance charges later.

At Advanced AV we empower live meetings and remote collaboration by deploying the technology that helps your organization connect, communicate and engage with its customers, employees and stakeholders. Connect with us to find out more about how Advanced AV can help you achieve your business and technology goals.

 

photo credit: Virus via photopin (license)