What are the risks when allowing an external company to host our application?
– We have got a quotation from a company with a server farm who is offering either a public cloud or managed cloud. They will provide us with a Virtual Server which we will have sole access to and where we can load our application and run it from.
– The external company owns the servers, with many other virtual servers on the one physical box.
– The physical box is not qualified and we don’t know what other companies nor what sites or applications are running on the box.
– The external company will look after the backups of our application and they also back up the other virtual servers on the same physical box.
– Using a virtual server that we have sole use of provides our application with logical security, but is logical security enough?
It is cheaper to use this managed cloud than creating our own private cloud so is there a risk to using the managed cloud?
Yes, there will be other physical security, e.g. firewalls, and the application will have an SSL secure login.
I am guessing that our client would prefer to have the version of our application on their own dedicated virtual server on a dedicated physical box, but in this case they will have their own dedicated virtual server but not on a dedicated physical box.
If the same physical box also contains competitors of theirs, is there any exposure or legal risk to our company?
I suppose a parallel can be drawn with Gmail, as many companies are using Gmail instead of Exchange for their email system. This means that many different companies' information is being held on the same physical boxes.
Need to be careful about exactly how the system is deployed. Depending on your agreement with the service provider, you may be able to specify the hardware in general terms, but you may not know exactly which (physical) “box” the application is running on. In fact, if you require redundancy, it may switch over to a server (e.g., if maintenance is being done or a site goes out) in a completely different country. If you require a specific box that you can (traditionally) qualify, that may be a completely different service agreement.
The questions raised / discussions above all swirl around the ‘risk’ theme. Identify the possible failure modes (like mixed up database connections) and work with the service provider to ensure a deployment that mitigates your risks to an acceptable level.
Be sure the risk assessment identifies configuration changes by the provider. Again, this may drive a different / modified service agreement. In a validated environment, something like an OS patch would drive some level of re-validation (or at least an assessment as to whether action is needed). You may or may not have visibility into if / when such actions occur.