Compliance for cloud-based systems
Cloud Compliance is the general principle that cloud-based systems must be compliant with standards that a business consuming cloud services will face. This is a very important issue with cloud computing services, and it is something that we here at HyCloud take very seriously.
Cloud Compliance relates to many different industry standards and regulations that cloud customers need to comply with.
For example, in the healthcare industry, a set of laws called HIPAA make stringent guidelines and security protocols mandatory for certain kinds of patient health data.
Essentially, cloud customers need to look at the effective security provisions of their vendors the same way they would look at their own internal IT security. They will need to figure out whether their cloud vendor services match the compliance that they need. In addition, companies are choosing between public, private and hybrid cloud computing services.
For our business customers that have compliance requirements for their Office 365 and Azure data, Microsoft has recently developed a new tool. Compliance Manager, a workflow-based risk assessment tool in the Microsoft Service Trust Portal, enables you to track, assign, and verify your organization’s regulatory compliance activities related to Microsoft Professional Services and Microsoft cloud services, such as Microsoft Office 365, Microsoft Dynamics 365 and Microsoft Azure.
- Combines the detailed information provided by Microsoft to auditors and regulators as part of various third-party audits of Microsoft ‘s cloud services against various standards (for example, ISO 27001, ISO 27018, and NIST) and information that Microsoft compiles internally for its compliance with regulations (such as HIPAA and the EU General Data Protection Regulation, or GDPR) with your own self-assessment of your organization’s compliance with these standards and regulations.
- Enables you to assign, track, and record compliance and assessment-related activities, which can help your organization cross team barriers to achieve your organization’s compliance goals.
- Provides a Compliance Score to help you track your progress and prioritize the auditing controls that will help reduce your organization’s exposure to risk.
- Provides a secure repository for you to upload and manage evidence and other artifacts related to your compliance activities.
- Produces richly detailed reports in Microsoft Excel that document the compliance activities performed by Microsoft and your organization, which can be provided to auditors, regulators, and other compliance stakeholders
For any feedback, concerns or questions on the compliance manager and cloud-based systems please contact us directly.