
- 31% of companies breached in 2012 were small businesses
- 20% of the hacks were successful
- 60% of the companies successfully hacked were bankrupt within half a year.
- Privacy – Ideally a provider will encrypt your data, make it anonymous, and make your locations of remote access inaccessible.
- Integration – In the case of a hybrid solution, you can make use of integration with security tools you have in place for your other systems.
- Certification – If you have specific compliance concerns, check with your provider to make sure they are certified to meet your needs. Develop a system of metrics so you can analyze and track your cloud hosting environment. Consider the process required of your users to enter and leave the system.
- Access – Your system should have protections (of course) to guard against malicious intrusion. Specifically consider safeguards in place for your databases.
- Software – How does your platform keep your code from becoming corrupt? How are people vetted for managerial positions in which they might have greater access to your code? How do they test or model for security threats?
- Location – The country in which your provider is headquartered will affect the laws surrounding your data.
- Rights – Are you the owner of the data on your systems? Do you want to encrypt it, and do you have encryption keys that you want to use? Do you have a backup of the data? What is the process for purging the backup?