Choosing a Cloud Provider: the Importance of Compliance Transparency
Looking beyond HIPAA, SOX or PCI-DSS compliance claims
The alarming aspect of searching for a cloud hosting solution is that, despite claims to the contrary, your hosting provider may not actually be able to support your direct compliance needs. In truth, your provider is probably not trying to be misleading intentionally. Instead, because regulatory compliance is too often left open to interpretation, your definition of HIPAA, SOX or PCI-DSS compliance might be different than your cloud provider’s. Download our “Not All Clouds Are Created Equal” whitepaper for expert analysis on what to consider when searching for a cloud provider.
This gap becomes more critical as today’s information technology environments are being asked to house an expanding library of personal, private and sensitive data. New regulations and industry standards are being created every day, meaning that your cloud provider may play a critical role in your regulatory auditing process. The trick is finding a provider who does more than offer the mere promise of compliance by offering the transparency and accountability to guarantee that your cloud infrastructure will meet changing industry standards. This means searching for a cloud provider who:
- Is upfront about the location of your data—Many cloud providers either do not disclose where the data lives or may move your data through the course of normal operations. Please beware of providers who are unable to disclose this information, as auditing standards often require you to be able to disclose this information.
- Offers flexible cloud solutions—Many cloud providers offer one-size-fits-all environments and standardized hosting platforms. However, a truly compliant solution needs to be flexible enough to meet rigid and changing industry standards.
- Will work with your auditing team—Your cloud provider is offering more than a service. They should be your partner, willing to work with you to ensure total compliance.
By choosing a cloud provider who offers this type of auditing transparency, you will be able to engineer a cloud solution that not only meets your computing needs as they stand today, but one that is able to evolve as those needs change over time. For more help on finding a cloud computing solution, download our Roadmap to Cloud Computing.
Follow him on_ Twitter.