Compliance

Revisiting Compliance in the Cloud: Is it Risky Business? (Part 3)

Grazed from CloudComputingAdmin.  Author: Deb Shinder.

In this, Part 3, we’ll talk about data classification responsibilities in a cloud environment and then move into some specifics of how to develop your data classification scheme.

Cloud Raxak Unveils Cloud Security Compliance Solution

Grazed from TalkinCloud. Author: Dan Kobialka.

Cloud security compliance (CSC) company Cloud Raxak today has launched Cloud Raxak Protect, a cloud-based service that enables users to "secure and ensure compliance of their compute infrastructures, starting with their environment provisioning process and through the lifecycle, for both public and private clouds."

Cloud Raxak Protect provides hybrid cloud service management for businesses, according to Cloud Raxak. It leverages the Hewlett-Packard (HPQ) Cloud Service Automation (CSA) solution, Cloud Raxak said, to help companies reduce their hybrid cloud service management costs and simplify audits...

Read more from the source @ http://talkincloud.com/cloud-computing-security/04202015/cloud-raxak-unveils-cloud-security-compliance-solution

Cloud security and compliance trends in 2015

Grazed from TechRepublic.  Author: Editorial Staff.

 More and more Amazon Web Services (AWS) customers in 2014 could not make their networks as secure using AWS/S3, explained Vormetric's VP of Cloud C.J. Radford. This trend will pick up in 2015, with more enterprises using cloud applications in order to defend themselves from the rising tide of cyberthreats.

In an email Q&A with TechRepublic, regarding 2015 cloud security trends Radford said he also expects that organizations will "open their coffers" to protect Software as a Service (SaaS) offerings, that more Information as a Service (IaaS) providers will offer encryption and access control services, and that hosted private clouds will exceed the number of in-house private clouds as the preferred environment...

Is your cloud provider compliant?

Grazed from ProgrammableWeb. Author: Editorial Staff.

Before investing in any new technology, an organisation must first establish whether that technology will meet the businesses’ needs. Similarly, the organisation must scrutinise the technology and its provider, to make sure it is up to standard with the company’s security and compliance requirements.

One such example of this, says John McLoughlin, MD of J2 Software, a distributor of SkyView Partners’ managed security solutions, is cloud computing. “The business benefits of cloud computing are widely accepted and documented, however, whether or not cloud computing meets your business requirements is dependent on the type of data being stored, accessed, and shared in the cloud.”...

Provider-user teamwork key in cloud compliance

Grazed from TechTarget. Author: Nicholas Rando.

With cloud compliance and standards regulations changing as often as the weather, how do cloud admins keep up? Unfortunately, there is no one answer -- but there are a number of different ways to attack it. When users work together with their cloud computing service providers, staying on top of cloud regulations becomes easier.

From keeping up-to-date on the latest regulations, such as PCI DSS and HIPAA, to ensuring that all of your cloud service requirements are being met, collaboration between cloud providers and consumers is the key. But what else do cloud admins need to know to meet cloud regulations? With that question in mind, we've compiled our top five tips on cloud computing compliance and standards with the hope of shedding light on these vital pieces of the cloud puzzle...

The Impact Of Cloud Computing On Data Compliance

Grazed from GlobalBankingAndFinance. Author: Ron Miller.

It might have been a buzzword within the IT industry for some years now but more recently we’ve seen the mainstream appetite for – and adoption of – cloud computing rise significantly. Whether it’s public, private or hybrid services, the promise of greater flexibility, scalability and cost-effective pricing models has been too enticing for many businesses to ignore.

The flipside, however, is that as a result of the Cloud, we’re also seeing a number of companies coming under scrutiny for their data protection and compliance policies. It’s the CIOs that are leading the charge here, as they become increasingly concerned over the security of their mission-critical data. There is the perception that many ‘cloud’ vendors (and that’s including those companies that have simply rebranded an existing solution to jump on the bandwagon) are failing to provide a comprehensive view on where data is being stored and the information security management framework that’s in place...

The battle between compliance and the cloud

Grazec from InformationAge. Author: Ben Rossi.

The beauty of the cloud is that it seeks to enable a business to become more agile, efficient and competitive, yet compliance seeks to restrain it. And this is what is preventing some businesses from making the most of the cloud. Recent research from NTT Com Security revealed businesses across the globe are wary of the using the cloud. A worrying 86% admitted that issues around data protection, legislation and regulation are responsible for cloud computing being adopted more slowly than they would like.

You only have to look at the publicity surrounding the NSA and PRISM revelations and compliance, data sovereignty laws and regulation requirements from authorities like the Information Commissioner’s Office (ICO). With these increasingly complicated data laws, it’s becoming something of a minefield for businesses looking to embrace, or experiment with, the cloud...

Enterprises Solve Compliance Riddle With Encrypted Cloud and Backup

Grazed from OnLineTech. Author: PR Announcement.

Companies that must comply with regulations such as HIPAA, Sarbanes-Oxley, PCI and Safe Harbor now have an instant solution to a key aspect of data security that too often goes un-met: end-to-end encryption for sensitive patient and customer information sitting in the cloud. Organizations in regulated industries that must ensure the protection of confidential information often avoid cloud computing because they have incomplete encryption strategies that leave them in non-compliance and at risk of embarrassing, costly security breaches.

The common areas of non-compliance for most hosting providers are due to a lack of encryption for data in the cloud and for backup of that data. The cloud infrastructure and backup techniques used by the vast majority of companies today leave patient and customer information un-encrypted, making it vulnerable to accidental and criminal breaches...

Cirrity Launches Desktops as a Service (DaaS) With Secure, Compliant Cloud

Grazed from MarketWire.  Author: PR Announcement.

Cirrity, the secure and compliant cloud services provider, has added Desktops as a Service (DaaS) to its cloud-based solutions.  Cirrity's DaaS solution provides a complete virtual workspace from the cloud, delivering Windows desktops and applications as an easily managed, unified cloud service. Powered by industry-leading Desktone technology -- a multi-tenant, grid-based platform purpose-built for cloud-hosted desktops -- Cirrity's DaaS solution eradicates the barriers to virtual desktop adoption and enables a risk-free, incremental evolution of the next-generation workspace.

"Cirrity's DaaS solution improves desktop accessibility and security while also supporting disaster recovery strategies," says Andrew Albrecht, COO of Cirrity. "If employees rely on desktops located in the office but physically can't get to their computers, the disruption to business operations is immediate. With Cirrity's DaaS solution, the desktop resides in Cirrity's secure, compliant cloud infrastructure built on enterprise-class hardware. Employees can access their desktop from any device, anywhere, anytime."...

Dell updates private cloud to become PCI compliant

Grazed from NetworkWorld. Author: Brandon Butler.

Looking to solidify its refocused efforts on private cloud platforms, Dell today rolled out new features to improve security and manageability of its offerings. Dell now offers a payment card industry (PCI)-compliant cloud computing service. It also rolled out a new choice that allows customers to rent Dell-owned and operated hardware in their data centers. Dell is also expanding its cloud-based applications, adding a disaster recovery as a service (DRaaS) option.

The moves come months after Dell announced plans to refocus its cloud computing strategy more on its private cloud business, instead of the public cloud market. The company had been developing an OpenStack-powered public cloud, but it halted those development efforts to focus on private and managed clouds this summer...