There’s plenty of evidence pointing to the fact that businesses are moving their data to the cloud in droves. According to research from MarketsandMarkets, for example, the cloud storage market will reach $46.8 billion by 2018 at a CAGR of 40.2%. While the cloud can be great way to save money on storage costs and promises business availability following the worst of disasters, leaving your cloud backup and storage provider decision to chance can nullify these benefits. Before you send your mission-critical business off-site, it’s important to confirm your data is in good hands. Following are a few questions to ensure your cloud strategy doesn’t miss the mark:

Is your data secure? Checking details on security should be your first priority when selecting a cloud provider. Whether you’re storing patient records, CRM data, or marketing materials you don’t want it to end up in the wrong hands. First, you’ll want to select a provider that’s passed an SSAE 16 (Statement on Standards for Attestation Engagements 16) audit. SSAE 16 is a regulation created by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA) for redefining and updating how service companies report on compliance controls. Cloud providers that have passed an SSAE 16 audit — ideally verified by a SOC (Service Organization Control) 2 report — have demonstrated they have proper controls in place to ensure security, availability, processing integrity, confidentiality, and privacy.

In addition to selecting a viable cloud provider, it’s important to verify that the backup software used to copy your data from your premise to the cloud provider’s data center has the proper security controls in place. Ideally, you should only use a backup solution that provides military-grade encryption (such as 256-bit AES encryption) starting at the point of origin and maintaining encryption during data transmission and even while at rest at the final destination.

Is your recovery mission critical? Even if you get the first step correct, your cloud backup plan isn’t complete until you can know for sure that you’re able to recover your data in a timeframe that meets your RTO (recovery time objective) and RPO (recovery point objective). This is where a business class cloud backup and recovery solution separates itself from a consumer grade offering. The former will guide you through this process discussing all the factors that come into play when recovering data from the cloud, including your Internet bandwidth as well as services the cloud provider may offer such as copying your data to an external hard drive and mailing the drive to you within a guaranteed timeframe. It’s also important to check the fine print on hidden costs for data recovery services before signing with a cloud provider. Beware of “freemium” cloud backup offers that charge exorbitant fees if you ever need to recover your data following an accidentally deleted file, server crash, or a disaster.

What kind of support is included? Every cloud backup offering looks good when everything’s running smoothly. But, when it comes to computers, there will eventually be some kind of glitch that arises. Some problems are simple to fix (e.g., a computer was turned off or not connected to the Internet during the backup) while others can be trickier to identify or resolve (e.g. corrupt network drives). When problems occur, it’s vital that you can contact your cloud backup vendor and get the help you need. This is why it’s highly recommended to check out a potential cloud vendor’s helpdesk support before storing your data in their cloud. Some providers try to cut costs by outsourcing helpdesk support to overseas call centers, where language barriers and a lack of familiarity with the vendor’s products and services quickly become evident in a time of need. A little due diligence upfront can prevent a lot of frustrations later on.

While no cloud provider can guarantee 100% uptime, there is wide disparity between those who set up web servers in ordinary office spaces and try to pass it as cloud computing vs. legitimate cloud providers with physical security, data redundancy, and redundant power supplies (i.e. SSAE 16 audited providers). Choosing a cloud provider and cloud backup solution that meet the criteria outlined above will go a long way in ensuring your most important business assets are protected under any circumstances, and they can be recovered under any circumstance as well.