Breaking up is hard to do, but sometimes it’s for the best, especially when it’s moving from one cloud vendor to another. There are a number of reasons to transition to a new cloud vendor, but you need to make sure you don’t mess something up along the way. There’s following applicable federal laws, ensuring the old vendor won’t talk about the information you stored with it, and using strong security to transfer the files. Use the following tips to help you transition to a new cloud vendor without falling afoul of hackers and laws.
Make Sure NDAs Are Signed
Image via Flickr by Razza Mathasda
NDAs, or non-disclosure agreements, make sure that the cloud vendor won’t discuss the details of your business with unauthorized parties. That is, they can’t go talking behind your back with someone else about your data, how your business used the cloud, and anything that you did that the vendor disagreed with. Vendors typically don’t discuss their customers, but it never hurts to have extra legal protections in place when leaving.
Check Federal Legislation
Certain industries have federal laws that govern how they store data. One such industry is the medical field. HIPAA, or the Health Information Portability and Accountability Act, is legislation that dictates how patient information is viewed and stored. A patient has the right to know that his or her personal and sensitive information can’t be released to parties who have no business holding the information. HIPAA has been updated to reflect off-site storage of information in the cloud, but the provider must meet federal standards for security protocols and practices.
Familiarize yourself with the cloud security requirements of HIPAA and check that the new vendor complies with them. Securing patient data is priority number one, and if the new cloud vendor can’t guarantee data security, it’s time to find one that does.
Hire a CASB for Security
A cloud access security broker, or CASB, is an external safeguard for access to the cloud service provider. Think of it like a bank vault where only certain people have the combination to the safe. The CASB comes in two configurations: a physical computer on site and connected to the servers or a virtual CASB that’s hosted in the same building as the cloud servers.
The CASB is controlled by your company, and either you or your IT staff set up who has access to what files. It also allows IT personnel to view who’s logging into the cloud storage and accessing files. They can determine who’s taking down or putting up files and the day and time that they did it. It’s easier to detect an abnormal use pattern and investigate if it’s due to a break-in attempt or someone changing up how they get into the files.
Switching to a new cloud vendor is a bit of an undertaking. You need to make sure everything is in place before you move, during the move, and after the move. But once the move is complete, you can move on with business as usual.