Government regulation in the US, Europe, Russia, and elsewhere requires organizations to provide detailed accounts for who is able to access their information, when they did so, and for what reasons. Complying with these regulations requires companies to ensure that the needed data is available, that it can be collected, and that reports can be produced from it. Doing so is often quite difficult, and the advent of cloud computing complicates this even further. In some cloud deployment models, for instance, this is difficult because it is not known where the data resides, who the cloud provider allows to access it, the state of the data at rest, and other important issues that regulators require answers to. Cloud computing also raises important cross-border considerations, especially in Europe and Russia. Furthermore, creating audit trails that encompass the cloud are difficult because there is no standard for collecting audit data across organizational boundaries.
Though complicated, for many, thorough audits are not optional. Companies seeking to outsource non-core competencies and benefit economically from the cloud must find architectures and cloud service providers that will allow them to satisfy their regulators. At Twobo Technologies, we are helping many companies and governments solve these problems and can share architectural models and insights into how others are grappling with these challenges. To find out more about our services, our areas of expertise, the technologies we recommend, and the types of customers we are helping, please contact us.