Short break out from the post:
Here are Ron’s top ten tips for CSPs, whether you’re already a cloud player or plan to become one:
- SaaS = TRUST. If you can’t provide a trustworthy environment, don’t provide it at all.
- Invest in security and compliance. Don’t skimp—it is fundamental to your business and its future.
- Customers will always have concerns and ask questions. Be proactive: identify issues ahead of the curve and address them. In addition, assign a professional point person qualified to communicate with customers and address their concerns in detail.
- Marketing: explain why your security is good (and mean it- make sure you are able to back up your statements.)
- Document your practices: make them accessible and comprehensible to customers.
- Listen to your customer’s needs: what kind of compliance needs do they have and why? (What is applicable to your services?)
- Use independent security & privacy seals, e.g. SSAE SOC-2, privacy seals, and known security brand scans.
- Connect and be active in leading industry organizations and follow their standards, like the Cloud Security Alliance. Research and learn the common compliance requirements, standards, etc.
- When possible, narrow the scope of sensitive data under management by using encryption, data masking, avoiding storage of sensitive data, etc.
- Embrace customer feedback and leverage the power of community to improve your security.Does this make sense to you? It does to me. Tip no. 1 pretty much says it all.