Article

Get ahead in the cloud: Easing the path to compliance

by James Fox
Director of Technology Consulting, Protiviti

Adoption of cloud services has been steadily increasing, but the trend has been rapidly accelerated in the past year. Companies moved quickly to enable remote working through a range of Software-as-a-Service (SaaS) offerings, including Microsoft Teams and Zoom. Consumption of Infrastructure-as-a-Service (IaaS) platforms like Amazon Web Services and Microsoft Azure has followed and provided access to advanced services on demand.

Understandably, there has been a focus on the continuity of business. Large-scale adoption of remote working technology has enabled businesses to keep going through a hugely uncertain time. But having survived the rollercoaster of the past 12 months, many are now stopping to ask themselves: how compliant are we in this new world? The truth is that they don’t always know.

Businesses have spent decades developing the skills and knowledge needed for on premises compliance regimes. But they are still trying to understand what it means in the cloud and how best to apply it. There can be significant work involved in moving traditional IT controls frameworks to the cloud. And, unfortunately for large enterprises, there is no single button that can be pressed to automatically enable compliance.

A common challenge is keeping audit and compliance teams abreast of new technologies and how they align with regulatory requirements. Technology teams typically consume services that provide business benefits or competitive advantages. But we have seen migration efforts driven by technology lose momentum as security and compliance teams are engaged too late, only to demand delays to ensure security and compliance controls are embedded in cloud platforms, and that updates standards account for ongoing security, privacy, and confidentiality of data.

Transparent communication across an organisation is therefore important, before and during the cloud migration process. Involvement of security and compliance expertise can ensure these requirements are baked in rather than bolted on.

What’s happening behind the scenes?

FREE Membership Required to View Full Content:

Joining MSDynamicsWorld.com gives you free, unlimited access to news, analysis, white papers, case studies, product brochures, and more. You can also receive periodic email newsletters with the latest relevant articles and content updates.
Learn more about us here

Get full access

Azure Governance, Risk, and Compliance (GRC) Regulatory Compliance Security Security
About James Fox

James is a Director in Protiviti’s Technology Consulting practice, with a focus on Enterprise Cloud Transformation. James has extensive global experience working across Asia Pacific and Europe in IT Advisory Consulting.

Prior to joining Protiviti, James was a Director at Deloitte Consulting supporting clients with strategic adoption of cloud services, Consultant at Amazon Web Services enabling enterprise customers to achieve their most challenging business and organisational goals through well-managed transformation and a Consultant at PwC providing Enterprise Cloud Transformation advice.

More about James Fox