Compliance

Cloud Computing: The Compliance Oriented Architecture - are we there yet?

Grazed from ComputerWeekly. Author: Clive Longbottom.

Over a decade ago, Quocirca looked at the current means of securing data, and decided that there was something fundamentally wrong. The concept of solely relying on network edge protection, along with internal network and application defences misses the point. It has always been the data that matters - in fact, not really even the data, but the information and intellectual property that data represents.

To our minds, enterprise content management (ECM) has not lived up to expectations around information security: it only dealt with a very small subset of information; it was far too expensive; and has not evolved to support modern collaboration mechanisms. It is also easy to circumvent its use, and far too easy for information assets to escape from within its sphere of control...

The ups and downs of cloud compliance

Grazed from TechTarget. Author: Mike Chapelle.

Compliance doesn't need to slow down cloud adoption, but it should remain a high priority in cloud-enabled IT environments. Federal and state laws that protect information security and data privacy differ widely and are becoming increasingly complex. The global picture is even more difficult to unravel.

As enterprises around the world adopt cloud computing strategies, regulated data -- such as personally identifiable information, health records and credit card numbers -- increasingly passes through the control of a wide range of service providers. Multinational corporations must take time to understand the data security ramifications of cloud computing decisions and move forward in a manner that maintains compliance with applicable security and privacy regulations...

Cloud computing may make IT compliance auditing even cloudier

 Grazed from ZDNet.  Author: Joe McKendrick.

Compliance is one of those thankless activities that add a lot more pain than gain to IT managers' and professionals' worklives. It's a matter of doing the minimum that needs to get done and be done with it, so one can get back to the good things, like building commerce and analytics systems.

Accordingly, most IT departments are ill-prepared for any audits that may come their way. A new survey finds three out of five IT professionals say they're not ready for compliance audits...

Cloud computing may make IT compliance auditing even cloudier

Grazed from ZDNet.  Author: Joe McKendrick.

Compliance is one of those thankless activities that add a lot more pain than gain to IT managers' and professionals' worklives. It's a matter of doing the minimum that needs to get done and be done with it, so one can get back to the good things, like building commerce and analytics systems.

Accordingly, most IT departments are ill-prepared for any audits that may come their way. A new survey finds three out of five IT professionals say they're not ready for compliance audits...

Revisiting Compliance in the Cloud: Is it Risky Business? (Part 3)

Grazed from CloudComputingAdmin.  Author: Deb Shinder.

In this, Part 3, we’ll talk about data classification responsibilities in a cloud environment and then move into some specifics of how to develop your data classification scheme.

Cloud Raxak Unveils Cloud Security Compliance Solution

Grazed from TalkinCloud. Author: Dan Kobialka.

Cloud security compliance (CSC) company Cloud Raxak today has launched Cloud Raxak Protect, a cloud-based service that enables users to "secure and ensure compliance of their compute infrastructures, starting with their environment provisioning process and through the lifecycle, for both public and private clouds."

Cloud Raxak Protect provides hybrid cloud service management for businesses, according to Cloud Raxak. It leverages the Hewlett-Packard (HPQ) Cloud Service Automation (CSA) solution, Cloud Raxak said, to help companies reduce their hybrid cloud service management costs and simplify audits...

Read more from the source @ http://talkincloud.com/cloud-computing-security/04202015/cloud-raxak-unveils-cloud-security-compliance-solution

Cloud security and compliance trends in 2015

Grazed from TechRepublic.  Author: Editorial Staff.

 More and more Amazon Web Services (AWS) customers in 2014 could not make their networks as secure using AWS/S3, explained Vormetric's VP of Cloud C.J. Radford. This trend will pick up in 2015, with more enterprises using cloud applications in order to defend themselves from the rising tide of cyberthreats.

In an email Q&A with TechRepublic, regarding 2015 cloud security trends Radford said he also expects that organizations will "open their coffers" to protect Software as a Service (SaaS) offerings, that more Information as a Service (IaaS) providers will offer encryption and access control services, and that hosted private clouds will exceed the number of in-house private clouds as the preferred environment...

Is your cloud provider compliant?

Grazed from ProgrammableWeb. Author: Editorial Staff.

Before investing in any new technology, an organisation must first establish whether that technology will meet the businesses’ needs. Similarly, the organisation must scrutinise the technology and its provider, to make sure it is up to standard with the company’s security and compliance requirements.

One such example of this, says John McLoughlin, MD of J2 Software, a distributor of SkyView Partners’ managed security solutions, is cloud computing. “The business benefits of cloud computing are widely accepted and documented, however, whether or not cloud computing meets your business requirements is dependent on the type of data being stored, accessed, and shared in the cloud.”...

Provider-user teamwork key in cloud compliance

Grazed from TechTarget. Author: Nicholas Rando.

With cloud compliance and standards regulations changing as often as the weather, how do cloud admins keep up? Unfortunately, there is no one answer -- but there are a number of different ways to attack it. When users work together with their cloud computing service providers, staying on top of cloud regulations becomes easier.

From keeping up-to-date on the latest regulations, such as PCI DSS and HIPAA, to ensuring that all of your cloud service requirements are being met, collaboration between cloud providers and consumers is the key. But what else do cloud admins need to know to meet cloud regulations? With that question in mind, we've compiled our top five tips on cloud computing compliance and standards with the hope of shedding light on these vital pieces of the cloud puzzle...

The Impact Of Cloud Computing On Data Compliance

Grazed from GlobalBankingAndFinance. Author: Ron Miller.

It might have been a buzzword within the IT industry for some years now but more recently we’ve seen the mainstream appetite for – and adoption of – cloud computing rise significantly. Whether it’s public, private or hybrid services, the promise of greater flexibility, scalability and cost-effective pricing models has been too enticing for many businesses to ignore.

The flipside, however, is that as a result of the Cloud, we’re also seeing a number of companies coming under scrutiny for their data protection and compliance policies. It’s the CIOs that are leading the charge here, as they become increasingly concerned over the security of their mission-critical data. There is the perception that many ‘cloud’ vendors (and that’s including those companies that have simply rebranded an existing solution to jump on the bandwagon) are failing to provide a comprehensive view on where data is being stored and the information security management framework that’s in place...