If you’re working with a public cloud service or a managed services provider (MSP), you’ve likely given up some measure of security control. When you work with an MSP, you’re essentially relinquishing physical management to a third party. The economic benefits of an MSP are an obvious plus, but can you enjoy them without sacrificing security? The short answer is yes—if you maintain an open dialogue with your MSP about data security.

Assess Your MSP’s Security Measures

When searching for a reliable MSP, you’re entitled to a frank discussion about the prospective company’s security policies and practices. Identify your personal expectations regarding threat defense, access permissions, and data partitioning—and be prepared to carefully discuss these issues. Do the MSP’s policies closely align with your own? If you agree on a basic security philosophy, take care of some additional security measures, including:

Encryption protocol. If you’re in an industry like finance or healthcare, you may already be required to encrypt your data. Even if you’re not in a business that deals with sensitive client information or private records, you still need encryption measures. Decide whether you’re going to retain control of your own encryption or if you’re going to delegate it to your MSP.

Compliance monitoring. Before you give up control to a managed services provider, you need full disclosure about where your data could end up. If they’re not fully compliant with your industry’s rules, you may need to look elsewhere.

Privacy and logs. Can you gain access to your MSP’s logs? If not, you’ll be in a tough spot when you’re hit by an industry audit. You’re ultimately in charge of complying with industry regulations—not your third party provider. Take proactive steps to ensure you won’t be stuck between […]