50 Questions Every Cloud Computing Buyer Needs to Ask

From Forbes.com: The folks at Spiceworks recently analyzed the key questions cloud computing buyers need to ask before signing a contract.

Here are the four main categories — ranging from basic technical questions to governance, risk and compliance inquiries.

“Nuts and Bolts” questions:

  • Can the solution support our OS platforms and run our applications?
  • What web services integrations are available to us?
  • Does the solution meet our I/O requirements?
  • What will the latency, response times and throughput be for our applications?
  • What’s the pricing model and cost?
  • What’s my monthly expenditure going to be?
  • What are the storage options and costs?
“CYA” questions:
  • What data protection strategies are offered?
  • Backups, RAID, mirroring, replication, CDP, snapshots?
  • What compliance support does the provider offer?
  • Is the provider compliant with FISMA, PCI DSS, HIPAA, SOX, GLBA, NERC CIP, or other regulations that are relevant to my industry?
  • What reporting options and audit support are available?
  • What does the provider off er in terms of physical and systems security?
  • What are the provider’s logical access control mechanisms?
  • What security controls are in place from a facility perspective?
  • What disaster recovery and business continuity plans does the provider have in place?
  • How will our stuff be protected in the event of a power outage, facility disaster, local disaster and regional disaster?
  • How quickly can operations be restored if the main system goes down?
“Hot Rod” questions:
  • What uptime and performance SLAs does the provider offer?
  • Are there penalties in place when SLAs are missed?
  • What’s the provisioning time for new servers?
  • What are the scalability options?
  • Can computing resources be expanded and contracted automatically?
  • Does the provider off er 24-hour customer service?
  • What incident response time SLAs does the provider offer?
  • Are there penalties in place when SLAs are missed?
  • What options do we have for monitoring/visibility?
“Cloud Control” questions:
  • Does the provider give us access to real-time performance monitoring and statistics?
  • What’s the management dashboard/control panel like?
  • What capabilities does it provide?
  • What are the options regarding contract length and terms of service?
  • Does the provider off er the flexibility of a short-term agreement?
  • What are the multitenancy options?
  • Can each department be billed per cloud instance per hour?
  • Can we impose billing limits?
  • What are our exit options?
  • Will the provider help us move our applications and data to another location when the time comes?
  • Does the provider have experience in my specific industry?
  • Does the provider have experience with companies of my size?

“Warm and fuzzy” questions:

  • How long has the provider been in the market?
  • What customer references can the provider give me?
  • Does the provider have a well-known name?
  • Are they recognized in the market?
  • What does the industry have to say about the provider?
  • Is the provider local?
  • Do we have a choice as to where our stuff is going to reside geographically?
  • What’s it like to work with the provider?
  • Do I like the provider?
  • Do I trust the provider?
  • Are these people that I can see myself working with long-term?

Full article here.



Contact Matthew Nicholls (ph: +61 3 8376 7131) to discuss your requirements.