IT Compliance Advisor

Feb 1 2010   5:38PM GMT

Clear advice on cloud computing security and compliance

GuyPardon Guy Pardon Profile: GuyPardon

Phil Cox, a contributor to, recently shared some advice that will be helpful to those faced with understanding the challenges of cloud compliance.

In his tip, he focuses on the five major questions that every organization should ask before it moves into public cloud computing services. As Cox writes, “virtually every regulation requires organizations to adequately protect their physical and informational assets. To do this, there is an implied or assumed ability to control and prove:

  • What information is stored on a system?
  • Where is the information stored?
  • Who can access the system?
  • What they can access?
  • Is the access appropriate?

All these questions imply some level of ownership of the assets in question, and that is where cloud compliance issues become apparent. In a public cloud environment, you are able to answer the first of those questions with certainty; the other four, however, end up posing a compliance problem.”

Read the rest of the cloud computing tip for Cox’s advice, and make sure to address compliance requirements in cloud computing contracts.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: