From Forbes.com: The folks at Spiceworks recently analyzed the key questions cloud computing buyers need to ask before signing a contract.
Here are the four main categories — ranging from basic technical questions to governance, risk and compliance inquiries.
“Nuts and Bolts” questions:
- Can the solution support our OS platforms and run our applications?
- What web services integrations are available to us?
- Does the solution meet our I/O requirements?
- What will the latency, response times and throughput be for our applications?
- What’s the pricing model and cost?
- What’s my monthly expenditure going to be?
- What are the storage options and costs?
“CYA” questions:
- What data protection strategies are offered?
- Backups, RAID, mirroring, replication, CDP, snapshots?
- What compliance support does the provider offer?
- Is the provider compliant with FISMA, PCI DSS, HIPAA, SOX, GLBA, NERC CIP, or other regulations that are relevant to my industry?
- What reporting options and audit support are available?
- What does the provider off er in terms of physical and systems security?
- What are the provider’s logical access control mechanisms?
- What security controls are in place from a facility perspective?
- What disaster recovery and business continuity plans does the provider have in place?
- How will our stuff be protected in the event of a power outage, facility disaster, local disaster and regional disaster?
- How quickly can operations be restored if the main system goes down?
“Hot Rod” questions:
- What uptime and performance SLAs does the provider offer?
- Are there penalties in place when SLAs are missed?
- What’s the provisioning time for new servers?
- What are the scalability options?
- Can computing resources be expanded and contracted automatically?
- Does the provider off er 24-hour customer service?
- What incident response time SLAs does the provider offer?
- Are there penalties in place when SLAs are missed?
- What options do we have for monitoring/visibility?
“Cloud Control” questions:
- Does the provider give us access to real-time performance monitoring and statistics?
- What’s the management dashboard/control panel like?
- What capabilities does it provide?
- What are the options regarding contract length and terms of service?
- Does the provider off er the flexibility of a short-term agreement?
- What are the multitenancy options?
- Can each department be billed per cloud instance per hour?
- Can we impose billing limits?
- What are our exit options?
- Will the provider help us move our applications and data to another location when the time comes?
- Does the provider have experience in my specific industry?
- Does the provider have experience with companies of my size?
“Warm and fuzzy” questions:
- How long has the provider been in the market?
- What customer references can the provider give me?
- Does the provider have a well-known name?
- Are they recognized in the market?
- What does the industry have to say about the provider?
- Is the provider local?
- Do we have a choice as to where our stuff is going to reside geographically?
- What’s it like to work with the provider?
- Do I like the provider?
- Do I trust the provider?
- Are these people that I can see myself working with long-term?
Full article here.