Compliance With Clouds: Caveat Emptor
August 26, 2010
Why Read This Report
Today's organizations face aggressive cost-cutting and efficiency pressures that drive businesses to consider cloud sourcing solutions. While the many properties of cloud services, such as elasticity, low entry costs, and faster time-to-market, are well suited to supporting a wide range of business functions, compliance has been a difficult proposition for organizations considering moving to the cloud. Support for regulatory, regional, or internal policy compliance is arguably the weakest aspect of cloud computing. Today's infrastructure-as-a-service (IaaS) players don't provide geographic ubiquity, and software-as-a-service (SaaS) players rarely offer comprehensive data-level controls. As a result, leveraging the benefits of cloud and maintaining compliance can be at odds with each other. Security and risk professionals assisting businesses with sourcing selections must understand that your organization is ultimately responsible for compliance and it is your responsibility to help business assess compliance risks. When necessary, you should implement compensating controls atop the cloud infrastructure to attain compliance.
Already a Client?
Log in to read this document.
Become a Forrester Client
Customers are the new market-makers, reshaping industries and changing how businesses compete and win. Success depends on how well and how fast you respond. Forrester Research gives you insights and frameworks aligned to your role to shorten the time between a great idea and a great outcome, helping your teams win in the age of the customer. Contact us to learn more.
This report is available for individual purchase ($499 USD).Purchase
Tools And Templates
Models and Calculators
- Data Protection And Compliance Are Top Of Mind Concerns
Table of Contents
- Cloud Is Not Ubiquitous
- Cloudy With A Chance Of Noncompliance
- Compensating Controls
- Compliance Does Not Have To Be Unattainable With Clouds
- Supplemental Material
- Related Research Documents
Select Your Optimal Hosted Private Cloud Strategy
May 7, 2015 | Lauren E. Nelson
Client Virtualization Will Fail Without A Hybrid Approach
September 22, 2011 | David K. Johnson
Market Overview: IT Process Automation, Q3 2011
July 22, 2011 | Jean-Pierre Garbani