There are many articles that talk about how unsafe Cloud Computing is, but there almost no (at the time) articles that tell you what to do to protect yourself and your business when transitioning data and applications into the Cloud.

Most of the tips that you will read are based on common sense for online security, but it is the simple things that we usually forget.

–          Always evaluate the Cloud provider very thoroughly and carefully. At the end of the day your data will reside in that provider’s data center and you need to feel good placing it there.

–          Make sure you have a clear assessment of how difficult is to transfer your data, and how much you will have to pay for the transition. Be aware of any custom applications that you may have. Those can quickly rack up the bill higher than anticipated.

–          Always use a hybrid mode until you are 100% sure that the new SaaS model works well. Basically run the SaaS and your legacy applications/data in parallel.

–          Never place all of your data with one SaaS provider. Have your mission critical data hosted with one provider, your non-mission critical data with another, and backup data with a third provider.

–          Implement the appropriate password difficulty level and policies. Your data is only going to be as secure as the password you protect it with. Have the appropriate password request or  change policy

–          Make sure that you have established a team to manage your backup and recovery.

–          Schedule regular testing procedures to exercise recovery of lost or stolen data.

–          Train! Train! Train your employees how to securely use the new system and what the best practices are.

As always, I would be glad to hear back from you, especially if you think I forgot to list a valuable TIP. I will be glad to add it to the list.