[Jeff Lauria] Jeff Lauria, Vice President of Technology here at iCorps. Today, we want to talk about hosted services and some misnomers. A lot of companies will host services. Typically, these services are going to be very niche services, membership systems, accounting systems, construction systems. They'll host them for their customers.
One of the things that you should be concerned about - maybe three of the things you should be concerned about - is where they are hosted, who owns the data, and what their security level is. A lot of hosting companies rely upon the data center in which they sit, to provide the security certifications. So for example, a hosted provider may rent space in a data center, run their servers and their application in that data center, and then when you ask about the security, they'll offer you the security documents of the data center, but not of the hosting provider.
You want to ensure that the hosting provider has some sort of security mechanism based around how they use their servers, the security they have in place. So you don't want to rely upon the data center. You want to rely upon them. You want to look at what kind of vulnerability testing they're doing, what kind of firewalls. Are they commingling my data? A lot of times, you'll find out that some of these providers are truly commingling data. They have not done vulnerability scans or assessments. They have not looked at any framework that can help them secure the environment. And that puts your data at risk.
So ask these simple questions:
If you're using a hosting provider, look and ask those questions to ensure that your data is secure. If you need additional information,
please reach out to iCorps. We're more than happy to provide it for you.