The document outlines essential considerations for enterprises evaluating cloud backup services, emphasizing the importance of security, data encryption, and compliance with regulations. Key factors include access control, data loss prevention, data governance, and adherence to international standards. As cloud storage spending is projected to increase, selecting a reliable provider is critical for protecting sensitive data and ensuring operational continuity.

1. CIO’s Security Checklist
for Cloud Backup
Are you considering storing your company data in the cloud? You’re not alone. Spending on cloud storage is expected to rise
from $2.4B to $8.7B in the next 3–5 years, with 23% of that being spent on cloud backup.
Storing and backing up data in the cloud can bring your company agility and elasticity, but first you need to know the basics
of cloud security. Choosing the right cloud backup service provider is crucial to ensure adequate protection, security, and
availability of enterprise data. Here are the essentials to consider when evaluating enterprise cloud backup for end user
devices, for your data security success and peace of mind.
Data Encryption Access Control
Does your endpoint backup solution oer
secure, easy to manage access, like simple
sign-on?
Does it allow administrators to mandate that
employees use a PIN to access the backup
mobile app?
Does it integrate tightly with your company’s
Active Directory server?
Data Loss Prevention
Does your endpoint backup solution encrypt
files on devices by allowing you to enforce the
use of endpoint operating systems’ built-in
encryption technology?
Can administrators easily configure which files
and folders are backed up to ensure that
sensitive corporate data is protected without
requiring full-disk encryption?
Does your solution include geo-location and
remote wipe capabilities?
“Always-On” Access Uptime
Does your cloud backup provider oer
automatic data redundancy across multiple data
centers?
Does it oer geographic backups to other
regions, to ensure that data access can continue
unaected in the case of data center outages?
High-Performance Backups
Does your endpoint backup solution protect
data in transit with encryption like 256-bit SSL?
Does it protect data in store with encryption like
256-bit AES?
Data Governance
Has your cloud backup provider passed the
requisite certifications (e.g., HIPAA, PCI-DSS,
ITAR) for its data centers and operations?
Does it enable you to get a federated view
across all your endpoint data, place legal holds
and preserve data for eDiscovery?
Does it oer detailed audit trails, providing
insights into how, when and where regulated
data is being accessed, shared, stored and
deleted?
Data Residency Requirements
Is your cloud backup provider equipped with
multiple redundant data centers across the
globe, enabling customers to control which
data centers are used for their data backups to
ensure compliance with local data regulations?
Does your cloud backup provider oer global
deduplication?
Can administrator level parameters be set to
manage the bandwidth allocated to the backup
service, as well as the amount of client resource
allocated to processing the client side
assessment?
Can it provide local caching for
bandwidth-restriced locations and high-speed
backup and restores, with scheduled transfers to
the cloud?
Cloud Security
Is your endpoint backup solution compliant with
international standards such as SOC 1, ISO 27001
and ISAE-3000?
Does it segregate each customer’s data from
other customers’?
Does it provide an encryption system that
delivers both security and data privacy,
guaranteeing you only have access?
Learn more about
inSync's cloud architecture
druva.com/insync