170
The provider can offer a redundant service distributed across at least
two datacentres with an availability of 99.99% and infrastructure
that is safeguarded against failure to a great extent.
Emergency exercises are performed on a regular basis (at least once
a year) and documented in line with BS 25999.
Penetration testing is performed regularly (at least once a year) and
documented to demonstrate the security features.
The provider offers a variable price model and also allows customers
to change to a more favourable contractual model at current term
conditions within the current contract (best price option).
EuroCloud Star Audit
The above‐mentioned certification is a best‐practice approach to answer
critical management questions in the selection of a suitable Cloud service
provider. In contrast to purely security or data protection related
certification, this certification takes all affected areas into consideration
and results in an understandable evaluation statement. Classical
certification systems will continue to develop in the direction of Cloud
auditing; however, this can take several years, whereas help is needed
right now for key issues and particularly for medium‐sized companies.
EuroCloud has confirmed the compliance of providers with the following
seal:
Figure 13: EuroCloud Star Audit Seal of Approval