Best practice: a checklist
The Second Edition of Cloud Cover recommends customers seek out providers that:
- Specify adherence to reputable security standards within the contract;
- Allow customers to audit the provider over security and privacy standards;
- Include in the contract a commitment to data breach notification;
- Commit within the contract to informing the customer before submitting customer data to law enforcement;
- Make few excuses in the contract for service availability and offer credits for all downtime outside the SLA;
- Commit within the contract to an orderly transition out, with data available on a specified format within a specified timeframe;
- Cannot vary the terms of the contract without express customer consent;
- Choose Australia as its jurisdiction for resolution of disputes.
