Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Who does what in cloud data compliance?

In cloud environments, laws and regulations can increase the scrutiny around information security and data compliance issues, including where data is stored and processed by a cloud computing service.

When you are provisioning a virtual private cloud in Amazon Web Services, a simple click can move your virtual private cloud from the United States to the European Union, Asia Pacific or South America. But what happens to cloud data compliance in a software as a service (SaaS) implementation, where you don’t make the infrastructure location choices? 

In this video Mike Chapple, University of Notre Dame’s senior IT director for service delivery, addresses four areas to consider to maintain cloud data compliance when you migrate workloads and assets to the cloud:

Data security and compliance responsibilities will vary based upon the cloud computing service model in use, according to Chapple, who is heading up a Cloud First initiative to migrate 80% of Notre Dame’s IT services over the next three years. Most cloud services fall into one of three categories ranging from "finished" software to customizable platforms and lower-level infrastructure. "Generally speaking," he said, "customer responsibility for security increases as you purchase lower-level services."

In an infrastructure as a service model, where the customer installs and configures the operating system, it is clearly the enterprise's responsibility to maintain the security of that configuration. In a SaaS approach, enterprise responsibility is typically limited to those configuration settings that the provider permits the customer to alter and the security of data fed into the service.

View All Videos

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

What strategies have you successfully used to enforce cloud data compliance with third-party vendors?
Cancel

-ADS BY GOOGLE

SearchSecurity

SearchCloudComputing

SearchAWS

SearchCloudApplications

SearchServerVirtualization

SearchVMware

ComputerWeekly

Close