You’ve decided to outsource your IT needs to a third-party provider. But who should you trust with your critical infrastructure and data?
This article will give you some tips on what to look for in a secure hosting partner and provide you with a checklist of what you should expect to find when you take a tour of a potential data center.
The secure hosting provider you choose is more than just a data center building. You’ll be keeping the most valuable assets of your company there, whether it’s on a physical or virtual server. Here are the top 5 evaluation criteria for data center selection.
- Compliance: If your organization needs to follow regulations such as SSAE, SOC, HIPAA, or PCI, then you’ll need a data center that does, too. Keep in mind that not every regulation is “certifiable,” such as PCI or HIPAA. If you meet a provider who claims to be HIPAA certified, move on. Look for providers who are audited instead.
- Physical security: While websites can be full of good information and pictures, it’s wise to see the site yourself. Schedule a tour of the center you’re interested in and see for yourself how equipment is handled and stored. Look for things like locked doors, key code or card entries, two-factor authentication, and alarm systems. You don’t want your data to be accessed by just anyone. A tour can also give you valuable insight into how the company behaves around you. Are the employees friendly and knowledgeable?
- Human error prevention: Social engineering is one tool widely used by hackers to gain unauthorized access to data centers and their information. Because human error is one of the most overlooked methods of data loss and theft, it’s a good idea to test your potential center’s policies and procedures.
- Administrative security: A secure hosting provider should be willing to provide paperwork such as business associate agreements if needed and be prepared to share their auditing reports with you, giving you a window into their security practices.
- Emergency procedures: Ask to see policies and procedures regarding an incident. Ask about their transparency in communicating with clients in the event of an outage. Find out about the center’s power, network, fire suppression and cooling systems and how they work in case of a failure. Is there redundancy? Does it fit your needs? In conjunction with that, find out the provider’s Service Level Agreement and how well they adhere to it.
When it comes to outsourcing your data infrastructure, you don’t want to have just anyone do it. The above list will help guide you to making the best buying choice for your business.