infoTECH Feature
Businesses Need to Understand Compliance Issues Before Adopting a Cloud Strategy
By While cloud computing has made great strides in the past few years, data security and compliance loom as significant barriers for businesses considering the adoption of cloud-based services.
Existing concerns are compounded by the fact that there is still a lot of confusion regarding legal compliance and privacy issues. There are no all-encompassing, hard-and-fast compliance regulations that apply to all industries across the board; rather, there are different regulatory standards that pertain to specific industries such as healthcare and finance/banking segments.
Federal and state laws, and industry regulations such as HIPAA (Health Insurance Portability and Accessibility Act) and PCI (News - Alert) DSS (Payment Card Industry Data Security Standard), require strict controls on what kind of data can be stored, who can access it and where it can be stored.
Cloud services are a long way away from being fully compliant with all the regulatory requirements, according to Vishal Shah, vice president of R&D at Intelliverse (News - Alert). But organizations can still benefit from them if they’re able to differentiate between the types of data and applications that can or cannot be stored on the cloud, and by negotiating the proper service level agreements (SLA) to ensure security and access.
Protecting the constant flow and growth of data presents new challenges that require adherence to compliance standards and new security technologies. Understanding the compliance regulations that pertain to your industry is the first logical step in the cloud strategy process.
But the easiest way to ensure compliance, regardless of the standard, rule or legislation that applies to you, is to look for cloud providers that are already compliant themselves.
Another point of concern for cloud adopters is geographical location, ZDnet recently pointed out.
“A cloud service provider, especially a software-as-a-service provider, can offer its services over the web for companies all over the world, and store everyone’s data in a single country,” the report said. “The geographical dispersal of information, often used by service providers to reduce costs and improve reliability, can be a major legal liability. Knowing where your provider will store your data and what legislation applies there is fundamental.”
Organizations have to recognize that regardless of where the data or applications reside, it is their data and in the end, they are responsible for it.
|
|
FOLLOW US |  |
 |
 |
infoTECH Headlines
IntraNext Systems Data Security Application Receives PCI Certification
Data 102 Implements Roaring Penguin's CanIt Anti-Spam Solution
PerkinElmer Includes Lab Consulting Services in OneSource Laboratory Services Offering
Data102 Implements Roaring Penguin's CanIt Anti-Spam Solution
Yellowfin Offers Free BI Software to Students and Not-for-Profits
BRS Labs AISight System Now Interoperable with Cisco Video Surveillance Manager
Yellowfin Offers Free BI Software to Students and Not-for-Profits
Corus360 Unveils Vault360 Offering
BroadVision Partners With NTT Communications
PerspecSys Debuts a Data Privacy Solution for ServiceNow
Tom Keating
Tom Keating
infoTECH Whitepapers
The Economics of Scale-Out Storage
Introduction to Red Hat Storage Server Architecture
The Five Must-Haves of Big Data Storage
Hybrid Cloud Storage: Getting the Best of Two Worlds
IBM SmartCloud Social Collaboration for Government
IBM SmartCloud Solutions: Software as a Service
IBM SmartCloud for Social Business Mobility
IBM SmartCloud Engage Security
The Forrester Wave: Cloud Strategies Of Online Collaboration Software Vendors, Q3 2012
Social Business in the Cloud
