Get ready for a big surprise: keeping your money in a bank—where it’s protected by endless technological and physical safeguards—is safer than keeping it under a mattress in your home.
Ok, so not that surprising.
So why is it that when people think about their ERP data, they believe that it will be safer “at home” (i.e., an on-premise solution/server) than in the Cloud, where it’s protected by endless technological and physical safeguards?
Wish we knew!
But the fact is that
When is the last time you heard of an on-premise solution or provider being held to such standards or conducting similar security audits? Likely, never.
WHAT ARE SSAE-16 AND ISAE-3402 ANYWAY?
Typically, these audits test varied and specific control objectives for the physical and logical security of servers, system uptime, backup consistency, and even the knowledge of staff (and their backgrounds) may be audited.
PEOPLE ARE KEY!
Note than when you’re investigating a Cloud provider, ensure that it’s not merely its data centers that have SSAE-16 and ISAE-3402 reports available; you should ensure the organization itself has them, too. Because it’s the people—more than the platform—that have the greatest impact on data security in the Cloud.
Want to know more about SSAE-16 and ISAE-3402 audits? Take a look at the