Taulia Replies on 10 Security Questions to Ask Potential Cloud Vendors

April 3, 2013 Martin Quensel

secure-cloud-computingIn a recent article in the Tech Republic,  Ask Potential Cloud Vendors These 10 Security QuestionsDominic Vogel discusses the top 10 security questions to ask potential cloud vendors.

Their is an extremely high standard of security that is expected from cloud providers, so it is increasingly important to be diligent in the vendor selection process. 

Vogel says "before deciding to engage with a cloud provider, ask them to answer (truthfully) this security questionnaire to gauge their information security maturity". So here we go:

Does the organization have formal written information security policies? YES

Are external third-party contracts required to comply with policies and customer agreements? NO

Does the organization have a formal change control process? YES

Is physical access to data processing equipment (servers and network equipment) restricted? YES

Do they follow secure data destruction processes for confidential data and IT equipment/media? YES

Do they implement controls to segregate your data from other customers? YES

Does the organization encrypt (and regularly test) its backups? YES

Does the organization have regularly tested disaster recovery plans for data processing facilities? YES

Can they provide results of a third-party external audit conducted within the past two years? YES

Will they provide relevant certificates of applicable compliance certifications? YES

Feel free to reach out to me to go into any more details on these questions.

Previous Article
How To Have A Lean, Efficient Payables Process [Infographic]
How To Have A Lean, Efficient Payables Process [Infographic]

Check out this infographic on how to have a lean, efficient payables process!

Next Article
Key Takeaways from SAP Financials
Key Takeaways from SAP Financials

We had a very successful week at SAP Financials in Las Vegas. Having the...