Save or Share this Report

For Security & Risk Professionals

Compliance With Clouds: Caveat Emptor

August 26, 2010

Primary author headshot

Authors

Why Read This Report

Today's organizations face aggressive cost-cutting and efficiency pressures that drive businesses to consider cloud sourcing solutions. While the many properties of cloud services, such as elasticity, low entry costs, and faster time-to-market, are well suited to supporting a wide range of business functions, compliance has been a difficult proposition for organizations considering moving to the cloud. Support for regulatory, regional, or internal policy compliance is arguably the weakest aspect of cloud computing. Today's infrastructure-as-a-service (IaaS) players don't provide geographic ubiquity, and software-as-a-service (SaaS) players rarely offer comprehensive data-level controls. As a result, leveraging the benefits of cloud and maintaining compliance can be at odds with each other. Security and risk professionals assisting businesses with sourcing selections must understand that your organization is ultimately responsible for compliance and it is your responsibility to help business assess compliance risks. When necessary, you should implement compensating controls atop the cloud infrastructure to attain compliance.

Get Access

Already a Client?

Log in to read this document.

Become a Forrester Client

Customers are the new market-makers, reshaping industries and changing how businesses compete and win. Success depends on how well and how fast you respond. Forrester Research gives you insights and frameworks aligned to your role to shorten the time between a great idea and a great outcome, helping your teams win in the age of the customer. Contact us to learn more.

Purchase Report

This report is available for individual purchase ($499 USD).

Purchase

Tools And Templates

Models and Calculators

calculator icon
  • Data Protection And Compliance Are Top Of Mind Concerns

Table of Contents

  • Cloud Is Not Ubiquitous
  • Cloudy With A Chance Of Noncompliance
  • Compensating Controls
  • RECOMMENDATIONS

  • Compliance Does Not Have To Be Unattainable With Clouds
  • Supplemental Material
  • Related Research Documents

Recommended Research