What are the five top things government agencies can do to ensure cloud compliance?
- Select a fit for purpose government cloud. Identify the systems, applications, services and scripts running in your cloud environment and determine if they are secure and compliant. Understand where sensitive data, such as customer data and data governed by compliance regulations is stored.
- Ensure you understand what the cloud provider and the agency are responsible for in terms of security. Enable governance and enforcement of organisation-specific controls. This will allow your cloud teams to easily validate compliance for auditors as well as customers.
- Ensure your suppliers are contractually required to maintain full compliance. Continuously track cloud compliance progress against benchmarks and standards, with detailed reports and alerts.
- Invest in meeting new compliance requirements on an ongoing basis. Going for the cheapest option is a recipe for disaster.
- Conduct regular checks with your suppliers to test compliance.
Leave a Reply