7 Worst Cloud Compliance Nightmares - InformationWeek
IoT
IoT
Cloud // Cloud Storage
News
8/12/2015
08:06 AM
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
50%
50%

7 Worst Cloud Compliance Nightmares

Compliance is difficult in any situation, and cloud computing makes it even more complicated. Check out these worst-case compliance scenarios and how to avoid them.
Previous
1 of 9
Next

(Image: ClkerFreeVectorImages via Pixabay)

(Image: ClkerFreeVectorImages via Pixabay)

Companies that do business on the Internet or in the cloud may fall under one or more compliance domains. In order to comply with regulations, companies must do everything in their power to adhere to data security guidelines within the various compliance standards.

There are dozens and dozens of data security compliance regulations around the world. Here are a few examples:

  • If you deal with credit card information, you must adhere to PCI DSS standards.
  • US healthcare must follow HIPAA regulations as they relate to the protection of patient information.
  • US power companies follow NERC CIP rules to help protect power grids.
  • The European Union has Directive 95/46/EC regulation to ensure protection of personal data.

While compliance is difficult in its own right, cloud computing complicates the picture even further. If your organization is processing and/or storing sensitive data that is protected by compliance regulations, maintaining a compliant organization becomes a shared partnership between the cloud service provider and the customer. And, if not handled properly, there are numerous ways that this partnership can turn into a nightmare.

Here, we present seven scenarios in which businesses and/or cloud service providers can run into major compliance problems. Some difficulties reside in poor understanding of regulations. Others crop up when communication failures occur between the cloud service provider and the customer. And still others happen when compliance isn't regularly maintained and cared for. It's incredibly easy to become non-compliant, yet quite difficult to regain compliance.

So why is compliance so important? There are several reasons. One is the various ways that companies can be fined and temporarily restricted from handling data, which ultimately results in a loss of business. And as bad as that may seem, those are generally temporary issues. More lasting damage can be found in the loss of trust between the business that fails to maintain compliance and its customers that rely on the business to protect sensitive data. Once this trust is broken, the damage can last far longer than any fine or temporary halt of business processes ever could.

Once you've reviewed our seven scenarios, we'd love to hear your opinion on the current state of cloud compliance and how it could be improved and simplified over time. Join us in the comments section below.

Andrew has well over a decade of enterprise networking under his belt through his consulting practice, which specializes in enterprise network architectures and datacenter build-outs and prior experience at organizations such as State Farm Insurance, United Airlines and the ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Previous
1 of 9
Next
Comment  | 
Print  | 
More Insights
Commentary
Why Your Company's AI Strategy May Not Be Its Own
Lisa Morgan, Freelance Writer,  3/18/2019
Commentary
Q&A: Deloitte's Lisa Noon on Inclusivity and Cloud Evolution
Joao-Pierre S. Ruth, Senior Writer,  3/15/2019
Commentary
Empowering Women in the Workplace 365 Days a Year
Guest Commentary, Guest Commentary,  3/19/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Security and Privacy vs. Innovation: The Great Balancing Act
This InformationWeek IT Trend Report will help you better understand and address the growing challenge of balancing the need for innovation with the real-world threats and regulations.
Slideshows
Flash Poll