Latest News

Greetings to all NSAC members from the President!
It is hard to believe that the harvest season is here for many of our members! It does not seem that long ago that we were all talking about the wet/dry, hot/cold weather than seemed to stay around...
Read More >>

COSO Releases Updated Enterprise Risk Management Framework
The Committee of Sponsoring Organizations of the Treadway Commission released a long-awaited update Wednesday to its ERM Framework: Enterprise Risk Management–Integrating with Strategy and...
Read More >>

3 Steps To Protecting Your Business From Workplace Fraud
Every few months, a major fraud investigation hits the news. According to a new report titled Keeping Business Clean: A CGMA Guide to Countering Fraud & Corruption by the Association of...
Read More >>

Companies shouldn't rush to adopt new hedge accounting standard
The Financial Accounting Standards Board released its long-awaited hedge accounting standard this week, but companies may want to be careful about adopting it early, or else they could miss out on...
Read More >>

Embezzlement by Employees
In the cult film "Office Space", workers at a technology company seek revenge for boring jobs and bad treatment by ripping off their employer via software that skims fractions of pennies with each...
Read More >>

View News Archives >>

Questions You Should Ask Your Cloud Provider

Published on June 30, 2016

When it comes to picking a cloud provider, you should ask some tough questions.

1. Where will my data be located? Everyone’s a cloud provider these days, and you don’t want your data in someone’s garage. Ideally, your information will be stored in a safe part of the country that’s remote from your own location, so it’s not subject to the same regional risks.

2. What can go wrong during installation or migration? This could range from problems with Internet connection on up to data loss or incompatibility, so you want to discover the problems that previous users have faced.

3. Is the provider a reseller of cloud services, or does it own the equipment it provides the cloud services on? This is one of the most important questions. Are they hosting on their own equipment, or on Amazon? If it’s someone else’s infrastructure, you may not have clarity on who is responsible for service and support.

4. Is the provider sharing hardware resources between clients? You want to know whether your processing is being dedicated just to you, or if it’s being shared out among all the provider’s customers.

5. What are the specs of the data center the provider operates out of? This would include physical and electronic security measures, redundancies, and so on.

6. Does the provider have insurance in the case of an outage or data loss? It is estimated that 95 percent of cloud providers do not have insurance against your data being destroyed or unavailable. The reality is that a very good cloud provider will have insurance.

7. How much Internet bandwidth is needed for the solution to perform correctly? This is one of the most crucial questions to ask -- and you want to make sure that you know the figure per user. You’ll also want to check with your Internet service provider to know what are both your upload speed and your download speed.

8. Is my data automatically redundant across multiple data centers? This will give you a strong idea of their backup and security procedures.

9. What is the recovery time if the systems hosting my data are completely destroyed? And don’t forget to ask what kind of secondary backups they have, how often they’re made, and how often they’re tested.

10. Does the provider have documented data security policies? Every cloud provider has employees. One of the fears is, ‘Doesn’t someone else have access to my data? Knowing the kind of formal security policies they have in place will give you an idea of how secure your data is from the provider’s own staff.

11. What is the average total downtime for the services I’m subscribing to? They should be able to tell you have often during a particular period of time -- annually, over three years, over five years, etc. -- their services are unavailable. It should be a relatively low percentage.

12. Does the provider outsource its helpdesk? Is it offshore? Outsourced? Will it give you the support you need on the schedule you need?

A number of items you want to make sure are included in the provider’s service level agreement include a clause clearly stating who owns the data (you), a confidentiality clause, clear identification of where primary and back up data will be located; an insurance clause; guarantees of uptime; and a “change of business” clause covering what happens if the provider is acquired by another company.