Sharing the IT Burden Utilizing the Cloud
Jun
22
Written by:
6/22/2011 1:34 PM
The Pervasive DataCloud2 team is constantly looking at ways to improve the compliance and security around DataCloud2 and our partners at Amazon Web Services (AWS) help us stay in tuned with the needs of our customers.
Cloud computing services like AWS introduce a lot of opportunity for off-loading the burden of IT tasks normally associated with running a data center. Core services like power, backup services, and in some cases OS patching are all provided as part of this service platform. This is true with the Pervasive DataCloud2. However, the services do not eliminate the responsibility for the security and management of the data related to the services running in the cloud. In fact, Amazon and other cloud providers provide a clear and useful document describing how the responsibilities for security and management should and should not be shared. For Amazon, this comes in the form of their “Amazon Web Services: Risk and Compliance” document.
Among the items highlighted in the compliance document are the shared responsibilities, levels of compliance governance, the various standards followed by Amazon, and any certifications or third party attestations. An underlying principle that Amazon stresses is the customer should maintain adequate governance for the environment. In other words the Amazon customer is ultimately responsible for maintaining systems and processes in place that compliment the Amazon level of control to ensure compliance.
Finally in the compliance document, Amazon provides a list of key compliance challenges and how they may be overcome in the Amazon environment. This “checklist” is a great guide to those who are new to the compliance world and they will find this chart helpful as they plot the best strategy for their current and potential customers.