- Service Level Agreements (SLAs)
- Certified and Accredited Security
SLAs came out of the telco industry and I have always had a fundamental belief that you look to the following industries for best practices:
- Telcos--> availability and scaling
- Wall Street--> real time and availability
- Intelligence Agencies--> security
- Health Care--> privacy and security
- Search Engines-->Massive scaling
Cloud Computing is the right answer for many, but not all problems. It was Sun Microsystems Founder Scott McNealy that used to call for the Big Friggin' WebTone Switch (BFWS) as he called it. Scott was right when he would ask the question of customers, "why are you building this yourself?"
If the cloud computing company you are dealing with does not have a clear SLA, run, don't walk to a different company. Just a couple of weeks ago Twitter went down. That was not surprising to me, but what was surprising to me was the example of a company that had planned to use Twitter that day as its only mechanism for a product announcement. Are you kidding me? Who possibly thinks that you can place such a large bet on a company that has a best try mentality with no guaranteed SLAs in place?
Security is hard. Period. Full stop. Here is the bottom line on security.
- All data in motion or at rest must be encrypted.
- Realtime governance is the enabler or disabler for security.
"The FBI said it is working to stem the problem.
"We share a mutual concern with respect to criminals' unrelenting intent to target our nation's financial sector and customers, whether through computer hacking or by other schemes to steal customer account information and make unauthorized withdrawals," Steven Chabinsky, deputy assistant director for the bureau's cyber division, said in a statement."This article amplifies the importance of security and some of the real costs that can occur.
The reputation of a cloud computing company can be lost with just one major outage or security violation.