We are exploring other few factors that helps in deciding cloud vendor. Software companies in India recommend following factors/elements to be considered.
- Speed to deliver or network throughput
- Data in Motion
- Logging and Audit
- Help and Support
- Additional features
We will discuss each point in detail.
- Speed to Deliver and Network Throughput
The speed at which the user can push or pull data to cloud storage determines the throughput. If the cloud provider went “low end” on their choice of upstream networks (high packet loss) or under provisioned bandwidth for the storage deals they sell (thin pipes), that “unlimited storage” deal suddenly looks a cloud mirage. It’s always better to insist on a trial period (most providers offer them) and monitor throughput both up and down with real data over a number of days.
However, if the cloud providers offer multiple methods (or protocols) to access their service, users may opt to use a weaker than default option; e.g. FTP or WebDAV with no SSL. One thing to avoid is confusing the encryption endpoint cloud providers use when the users of cloud push/pull the data, with the encryption they use on their website. So users might check their website SSL certificate, see it’s issued by a reputable CA and feel reassured.
In reality, the company devices will communicate with their storage endpoints running on different servers with different SSL/TLS setup. And this is where problems can creep in. For example; a provider may require user to use their software to access their service. Their software may not be programmed to verify the SSL certificate of the storage endpoint (this is not specific to storage security; it’s surprisingly common across SSL clients). But since users are using their software, they won’t see any message alerts or pop-up boxes warning that their SSL session is subject to a man in the middle attack.
Some cloud storage providers do not provide any user accessible logs. What data was accessed by who and when is kept hidden many times. It’s safe to assume that if they do not expose this data to users via their website or an API, the users will not be able to obtain this information. This is nearly always the case on free plans. Logging and audit features tend to come with “Professional” and “Enterprise plans”.
Storage providers offering monthly plans generally do not charge separately for logging – it’s usually baked in (but do double-check before signing up).
Supplemental to logging and audit trails is whether the storage provider exposes an event API. This is like an activity feed that a program can subscribe to and react to events. For example; if company business partner started erasing all the shared files, one could find out in real-time… Real-time notifications (with a way to program a “reaction”) may be the fastest way to learn when cloud account or file has been compromised."
Help and support for Cloud and Online Services and provided with Links to customer service, technical solutions, and answers to top cloud computing issues. Also if the users don't find the solution, they can have more options in the troubleshooting tool and provide with recommendations. Having a 24/7 support is what the users shall look for considering the users reside in different time zone.
"Cloud storage providers oversell storage to survive in a competitive market: for every 1GB of space they “have”, they will sell it many times over. This is a common business practice and works when there is reasonably predictable consumer behavior. In short: the majority of “pre-paid” customers don’t use all the resource they are entitled to.
