Cloud-10 Regulatory Compliance

Revision as of 15:10, 22 December 2009 by Shankar Babu Chebrolu (talk | contribs) (R3: Regulatory Compliance)

Jump to: navigation, search

R3: Regulatory Compliance

Customers are ultimately responsible for the security and compliance with regulatory laws (e.g., SOX, HIPAA etc) of their own applications that are hosted in cloud. Data stewards and application owners must plan to put timely audits in place to ensure proper controls in the applications and infrastructure that is hosted at a cloud provider. Companies that are planning to adopt cloud (SaaS, Iaas, Paas etc) must ensure that their cloud provider understand the respective roles and responsbilities (RACI etc) in helping out customers in maintaining required compliance with the appropriate regulatory laws and standards (government and commercial).


Anthes, G.. (2009, January). SaaS Realities. Computerworld, 43(1), 21-22. Retrieved August 9, 2009, from ABI/INFORM Global. (Document ID: 1626575741).

Business: Pain in the aaS; Computer security. (2008, April). The Economist, 387(8577), 86. Retrieved August 9, 2009, from ABI/INFORM Global. (Document ID: 1469385981).

Gartner: Seven Cloud-Computing Security Risks.

Google: Cloud computing more secure than traditional IT.

Top five cloud computing security issues.

Cloud Security Alliance.