Mature man engaged in conversation with a woman

Choosing the right cloud provider to suit your needs

We all know that cloud services are becoming pivotal to futureproofing a business. They’re easy, affordable, (mostly) secure, reliable, resilient and scalable. The chances are pretty good that your business is already invested in some kind of cloud technology, but if you’re looking to finally take the leap, or simply looking to move some services to the cloud, we’d like to offer some advice to help you decide who to entrust your data to.

 

Too much choice?

We believe there are actually quite a few things to consider before jumping into a partnership with a cloud provider. From the obvious reputation, storage capacity and pricing – to the marginally less considered security, terms of contract, deployment and ease of use. Choosing the vendor that works best for you can be tricky, but we see that as a positive thing. In the past, it was easy for us to simply choose one of the big names out there, like Azure, AWS or Google. This was known as the ‘cloud first’ movement where many businesses looked at the big 3 and chose the one they had a better feeling about, perhaps with pricing in the back of their minds. Competition for your business has brought along many additional big names to throw into the mix, such as HP, IBM, Cisco, Egnyte, SAP and Oracle. Other vendors like Adobe, Workday, Dell and Salesforce are following suit along with hundreds of lesser-known companies – all more than capable of looking after your services. How is all of this choice a positive thing I hear you ask? Well, other than the obvious increased offerings at a better cost that the competition brings, you can actually base your decision on what matters most to you. Sometimes being a customer of a large corporation can feel a little like role-reversal where you’re almost begging them for any kind of human contact, or like you’re too small a fish to your voice heard. Those days are over.

 

Selection criteria

We believe that security should come behind reputation and price in your decision process. We actually think it should come before those factors but hey, we’re realistic here. Before you get started, you must understand what you’re comparing each of the vendors against. To do that, the first thing you must do is truly understand what you want to host in the cloud – your crown jewels. Is it infrastructure, company or customer data, everyday applications, development? Are there any laws, regulations or legislations that need to be considered for hosting this in the cloud?
Next, you need to complete some sort of risk assessment against moving your service to the cloud. It can be on any scale that you feel appropriate, be it a Data Protection Impact Assessment (DPIA), an open discussion with invested stakeholders or simply a good old pro’s and con’s list. Finally, determine what you want to see from a provider to mitigate those risks (satisfy or outweigh the ‘con’s’). Assess a provider against their ability to mitigate your risks, rather than on their features.

Next, let’s talk about resilience. This is so important for any cloud service as it’s one of the major factors for moving a service to the cloud. You want a provider that is adaptable, predictable and self-healing (has good redundancy). Cloud technology is not impervious to attack or excluded from misfortune, system failures or mishaps as a result of human error. My father always told me never to trust a man that hasn’t made a mistake but rather those who have been burned and have learned a lesson. Don’t research whether a vendor has had a breach, research what they did afterward having one! This helps cover our next tip: transparency. If your cloud partner are not open and honest with you, or you can’t get them into a room, on a call or in a videoconference, how can you trust them to be there for you when something goes wrong?

Jurisdiction is becoming an increasingly important factor for many companies. Where is your data being held? Some sectors will be legislated to keep data in their own country. If that doesn’t apply to you then data residency becomes entirely your own decision. Cloud providers should have the ability to tell you where your data is kept and to confirm that is isn’t replicated to another jurisdiction. Localisation is bound to increase in the coming years so bear this in mind.

 

Final considerations

There are also a number of other vital consideration to bear in mind when choosing a vendor:

•  Certifications and standards
•  Third parties that may have access to your data
• Contracts and Service Levels
•  Financial stability of the vendor
•  Hybrid cloud capabilities


We hope this makes it easier for you to find the right solution for your business. Feel free to contact a member of our team if you’d like some further advice. We offer a few cloud services by way of partnership with some of the bigger players with whom we’ve built strong relationships, like Microsoft Azure and Egnyte.

 



Jason Abrahamse

Jason is ITbuilder's security expert and leads our information security project team. He provides consultancy and support on matters relating to cyber-resilience and data protection.

Something of an industry veteran, Jason has held various roles in the industry and combines that expertise to consult with customers on security best practices.

Jason is a native of South Africa, but is now a fully naturalised Brit except for not being accustomed to the cold. He lives locally in Hertfordshire.


More articles from

Back to Blog