Cloud Managed Service Providers And Cyber Security

Cloud Managed Service Providers and Cyber Security

As we’ve all seen in recent years, cyber threats are increasing in both size, scope, and impact to businessOne of the largest DDoS attacks recently occurred; global providers like SolarWinds and Kaseya were infiltrated by hackersSo, what happens to our cyber security risk when we migrate services to the cloudAre all service providers equalThe reality of the question is that they are not 

In recent news, Bandwidth was recently affected by a large scale DDoS attack.  Bandwidth is the underlying SIP provider for major UCaaS players – and as such, providers across the entire globe were impacted by the DDoS attack on Bandwidth. 

As more services migrate to industry leading providers, their target by hackers and bad actors grows each dayWhat happens if your cloud phone system provider is hit with ransomware or a DDoS attackAs we migrate our business applications that are critical to run our organizations into cloud infrastructure, how do we complete due diligence regarding those providersWhat sort of questions should we be asking? 

Below are a few questions you should think about when picking a cloud provider: 

  1. DDoS mitigation strategy – In the event that your provider is targeted by DDoS, you will want to know what they have in place to ensure uptime for their customers that rely on them for critical communication, orders, meetings, and the day-to-day operations of organizations across the globe. As an organization, you should also consider how your cloud service providers continue to update their security measures. The DDoS attack of a few years ago vs the most recent ones are vastly different in size. An organization that only planned for the capacity to handle cyber threats of a few years ago would find themselves in a bad situation now.
  2. Security Profile and Management Strategy – What other steps are they taking to ensure that they have the correct security protocols in place? SOC, HITRUST, ZeroTrust, etc. are all great measurements of cyber risk, but behind the required minimums, what are they doing above that?  SolarWinds was ISO certified, but that did not stop the attack by itself.
  3. Back-up/Disaster Recovery – in the event of a breach, what is the emergency protocol? If all servers were locked up with ransomware, how would your provider re-enable services?  What does that look like for them? Having and discussing a documented recovery process is something an organization should definitely consider when evaluating cloud providers. 

These are just a few of the questions we should be asking cloud providers before entrusting them with critical business applicationsWhat does downtime mean for your organization – especially when it is part of the infrastructure you are not managing. ChoiceTel can help your organization evaluate and choose a cloud provider that meets all your needs. To speak with a consultant, contact us at [email protected] or call us at 800-815-3320.


Choice Telecommunications, Inc

7640 Dixie Highway, Suite 150

Clarkston, MI 48346

Phone: 248-922-1150

Email: [email protected]

U.S. Offices

7000 Central Pkwy.

Suite 1600

Atlanta, GA 30328

(800) 815-3320

Go to Top