– Keao Caindec, SVP and Chief Marketing Officer with OpSource (www.opsource.net) says:


Don’t compromise on cloud security.


Cloud security is critical.  Evaluate your cloud provider based on five levels of security: data center, data encryption, network and network access.  Make sure the data center has 24×7 monitoring, on-site security personnel and closed circuit cameras, biometric two-factor authentication for access, and audit logs. Understand whether your data is stored and transmitted encrypted or not.  Understand whether your servers can be segmented on a separate VLAN and whether you can customize firewalls and load balancing.  Finally, understand how you can access your servers (e.g. public Internet only, VPN tunnel, MPLS, Ethernet cross connect).  Security is critical, and you should be able to customize and secure your cloud environment in the same way that you secure your shared resources in your own data center.

Leverage the power of the Community.

Be sure to get advice from other cloud user.  They’ve been there and done that.  Each cloud provider should have a rich community of end users willing to help you get started quickly.  In considering a cloud provider, look to their cloud community website to make sure you’ll be able to benefit from the experience of others.  Whether you’re looking to simply setup WordPress on Linux server or deploy a full Microsoft .NET 3.5 Framework environment, you’ll be able to move more quickly by spending a bit of time understanding what information is already available on the community website.

Setup multiple users on your account.

In order to use your cloud environment effectively, you’ll want to enable multiple users to use the same account.  In most enterprise IT departments, you’ll have a variety of people that are experts in networking, systems, applications and storage.  Just because cloud computing allows anyone to build servers or storage doesn’t mean that you want everyone on your team to be able to change anything.  Look for cloud services that allow you to limit roles to specific users on your account.  A storage administrator should be able to just adjust the storage parameters.  Your network engineer should be the only one who can setup a new network or setup NATs, firewalls and loadbalancing.  Your IT administrator should be able to create new servers with approved images that have been tested.  Each user should have their own unique username and password, so you can track and limit usage.

Tip No 5. Use detailed reporting to track cloud activities
When things go wrong, it is critical to have an audit log.  With multiple users sharing the same account, it is critical to track usage and activities.  You should expect the same level of detail for your cloud usage as you have for your internal tracking for change management. Be sure to view sample reports and understand the level of detail your cloud service provider tracks across all users and activities.