If you're in the market for a cloud storage provider, chances are that strong security and easy file management top your list of important features.
The first question for a prospective cloud storage provider is whether data is encrypted at rest and in transit. Google Drive, for example, encrypts data in transit, but not when it's stored on Google's servers. On the other hand, Box and EMC's Syncplicity encrypt data in transit and at rest. If data is encrypted, determine whether encryption keys are stored in a location separate from the data, as is usually recommended.
You should establish what the cloud storage provider's policies are regarding your files. Some providers clearly state that they have a right to access, review and even reject any content stored in their data centers. Many organizations would not be comfortable with such an agreement, so know the provider's policy on this issue. Review the terms of service, no matter how detailed they are.
Once you've put your files out in the cloud, you no longer control them. Even if a cloud storage provider treats all content confidentially, a rogue employee of the service provider or an outside attacker could compromise your files.
When reviewing a service provider's infrastructure, determine how your data is being protected. Encrypting files at rest and in transit is a great place to start, but other factors include the ability to create reports, generate audit trails and integrate with your internal services, such as Active Directory.
You should also be confident that the provider's network is safely protected and monitored. Box, for instance, claims to constantly monitor its network and perform frequent threat assessments. Its servers reside behind robust firewalls, and an intrusion-detection system monitors network traffic.
In addition, if you're concerned about compliance, determine whether the service's data center meets applicable standards, such as the Health Insurance Portability and Accountability Act or the Safe Harbor standard.
When assessing a cloud storage provider, also consider your ability to permanently delete files. Whether you delete files in a locally synced folder or through a Web interface, the files are often not removed from the server. Most services, such as Dropbox, SugarSync, Syncplicity and Google Drive, require a manual process to permanently delete files.
However, check with the cloud storage provider to verify what happens to a user's files when an account is deleted. To be safe, you might want to manually delete the files before deleting the account. But that can be a tedious process, and even then, can you ever guarantee that the files really have been deleted?
Another factor in a choice of cloud storage provider is cloud service management. The more tasks you can perform centrally and the more you can integrate the service with internal systems, the more effectively you can manage and secure that service.
For example, Egnyte integrates with Okta, OneLogin, Symplified and VMware Horizon to support single sign-on authentication. Egnyte can also be integrated with Active Directory and the Lightweight Directory Access Protocol for centralized management behind a firewall.
If your organization uses mobile device management (MDM) technology, determine whether the cloud service can be integrated with it. An MDM tool can manage the device inventory, apply security policies and distribute software. MDM software also applies updates, protects data, tracks devices and remotely wipes a device to remove corporate data in case an employee leaves the company or a device is lost or stolen. Implementing MDM requires a significant resource investment, and the better integrated the cloud service is with that technology, the more effectively you can protect your mobile devices.
Other considerations include issues such as whether administrators can audit usage, search for files, or set sharing and collaboration policies. With Citrix ShareFile, for instance, administrators can track and log all user activity and create custom reports about account access and usage.
As you evaluate a prospective cloud storage provider, scrutinize the service as a whole to ensure that performance, availability and reliability levels meet your needs. And ask questions such as: How is data protected against hardware and software failures? What backup and replication strategies are in place?
- What to expect from cloud-based services for businesses linked
- What to look for in a cloud storage provider
- Choosing a file-sharing service: On-premises vs. third-party provider
Understand how a site is set up for disaster recovery in the event of failure; if a failover system exists, how long will it take to get back online?
You should also understand how well the service is supported. Does the provider offer 24/7 real-time support? If so, is it by phone, email or multiple options? Or does the provider simply offer a set of FAQs online, which leaves your company on its own if something goes wrong.
In addition, determine whether the cloud storage provider offers service-level agreements. If it does, what are the terms?
Then there's the issue of user experience. After all, that's what got us here in the first place. The last thing you want is to implement a service that employees find difficult to use or inefficient. Determine workers' needs and whether the service meets those needs. That means accounting for the service's syncing capabilities, the devices it supports, whether version histories are maintained and how easy it is to share files. Dropbox set the standard for simplicity and ease of use, and more often than not, Dropbox serves as the benchmark for usability.
In addition to the basics we've discussed, you'll discover another emerging trend in cloud services. Increasingly, providers now offer ways to make their services more extensible by providing application programming interfaces (APIs) or plug-ins. For example, Microsoft has released APIs for SkyDrive that can be used to develop Web services and client apps that take advantage of SkyDrive's storage.
Citrix ShareFile offers its StorageZone Connectors that give users instant access to data stored on corporate networks. The service also provides an Outlook plug-in that converts attachments into links, making it easier to share large files within and without the organization.