For many businesses, learning to let go can be a big deal. Almost inevitably in cloud computing, IT managers and their colleagues must relinquish a degree of control over their hardware and software.
This can lead to questions about the efficacy of data protection or security protocols at remote data centres run by cloud providers. As highlighted in a previous post, the Service Level Agreement (SLA) has a key role to play here.
But there is another area of operations that is effectively handed over once you’ve selected your cloud services provider: compliance.
Companies are required to meet a growing number of statutory, regulatory, contractual and legal obligations. This includes international governance requirements (such as ITIL) as well as national legislation covering data protection.
To avoid any penalties resulting from non-compliance, businesses should retain responsibility for their own data compliance at all times. Internal and external standards can be ‘set in stone’ in SLAs. However, it is worth ensuring that your provider is able to report on your data on a regular basis to inform your own compliance reporting. You also need to ensure you have visibility into where your data is hosted. Preferably this would be in your local country for maximum security and compliance
Handing over responsibility for some elements of your IT infrastructure does not mean you can ignore your obligations – either internally or externally. The impact of non-compliance can be very costly indeed.
— — —
Was this article useful? Would you like to know more about transparency, compliance and cloud computing? Talk to one of our account managers to find out more.