For Security & Risk Professionals

Compliance With Clouds: Caveat Emptor

Why Read This Report

Today's organizations face aggressive cost-cutting and efficiency pressures that drive businesses to consider cloud sourcing solutions. While the many properties of cloud services, such as elasticity, low entry costs, and faster time-to-market, are well suited to supporting a wide range of business functions, compliance has been a difficult proposition for organizations considering moving to the cloud. Support for regulatory, regional, or internal policy compliance is arguably the weakest aspect of cloud computing. Today's infrastructure-as-a-service (IaaS) players don't provide geographic ubiquity, and software-as-a-service (SaaS) players rarely offer comprehensive data-level controls. As a result, leveraging the benefits of cloud and maintaining compliance can be at odds with each other. Security and risk professionals assisting businesses with sourcing selections must understand that your organization is ultimately responsible for compliance and it is your responsibility to help business assess compliance risks. When necessary, you should implement compensating controls atop the cloud infrastructure to attain compliance.
US $ 499
Become A Client

Get objective, pragmatic guidance that helps you make tough decisions and succeed in a complex world. Contact us to learn more.

Already A Client?
Log in to read this document.

TABLE OF CONTENTS

  • Cloud Is Not Ubiquitous
  • Cloudy With A Chance Of Noncompliance
  • Compensating Controls
  • RECOMMENDATIONS

    Compliance Does Not Have To Be Unattainable With Clouds
  • Supplemental Material
  • Related Research Documents

TOOLS & TEMPLATES

  • Models & Calculators:

    Data Protection And Compliance Are Top Of Mind Concerns