COMPLIANCE MANAGEMENT CHALLENGES IN CLOUD-HOSTED ENVIRONMENTS
Keywords:
Cloud Computing, Data Residency, Jurisdictional Compliance, Regulatory Frameworks, Shared Responsibility Model, Compliance Management, Cross-border Data Transfers,Abstract
Organizations have seen a significant shift in handling data due to their move towards cloud-hosted setups, especially those using multi-cloud environments. Even though these setups bring benefits like better scale, more options, and lower costs, they also come with significant hurdles related to following rules and regulations. This research paper explores significant challenges in cloud-hosted environments, focusing on staying in line with data regulations across multiple cloud platforms and tackling the problems related to laws across different regions and where data resides. The exploration brings to light the difficulties related to data sovereignty laws and shared responsibility models. This research paper explores the need to keep data within specific geographical boundaries due to local legal demands. It suggests tackling these hurdles by actively managing compliance using automation technology, working closely with cloud service companies, and implementing legal and technical methods. The research paper lays out a guide for organizations to tap into the power of cloud technology, keep up with rules, and protect their data by tackling the challenging issues of following regulations in cloud spaces.
References
N. Soveizi and D. Karastoyanova, Enhancing Workflow Security in Multi-cloud Environments Through Monitoring and Adaptation upon Cloud Service and Network Security Violations, Lecture Notes in Computer Science, 14353, 2023, 157–175. Retrieved from https://doi.org/10.1007/978-3-031-46846-9_9
R. F. El-Gazzar and F. Wahid, Cloud Computing Adoption in Public Sector: A Literature Review about Theoretical Models and Factors, International Conference on Electronic Government, 2015, 26–37. Retrieved from https://doi.org/10.1007/978-3-031-24294-6_26
R. Gupta, D. Saxena, and A. K. Singh, Data Security and Privacy in Cloud Computing: Concepts and Emerging Trends, arXiv preprint arXiv:2108.09508, 2021. Retrieved from https://doi.org/10.48550/arXiv.2108.09508
European Union, General Data Protection Regulation (GDPR), Official Journal of the European Union, 2018. Retrieved from https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32016R0679
State of California, California Consumer Privacy Act (CCPA), California State Legislature, 2018. Retrieved from https://oag.ca.gov/privacy/ccpa
F. Yunlong and L. Jie, Incentive Approaches for Cloud Computing: Challenges and Solutions, Journal of Engineering and Applied Science, 71, 2024, Article number: 51. Retrieved from https://doi.org/10.1186/s44147-024-00389-8
Z. Abbas and M. Aslam, Enforcing Data Geolocation Policies in Public Clouds using Trusted Computing, arXiv preprint arXiv:2306.17171, 2023. Retrieved from https://doi.org/10.48550/arXiv.2306.17171
PCI Security Standards Council, Payment Card Industry Data Security Standard (PCI DSS) v4.0, PCI Security Standards Council, 2022. Retrieved from https://www.pcisecuritystandards.org/document_library
International Organization for Standardization (ISO), ISO/IEC 27001:2022 - Information Security Management, ISO, 2022. Retrieved from https://www.iso.org/standard/82875.html
M. Reece, T. E. Lander Jr., M. Stoffolano, A. Sampson, J. Dykstra, S. Mittal, and N. Rastogi, Systemic Risk and Vulnerability Analysis of Multi-cloud Environments, arXiv preprint arXiv:2306.01862, 2023. Retrieved from https://doi.org/10.48550/arXiv.2306.01862
M. Reece, T. E. Lander Jr., S. Mittal, N. Rastogi, J. Dykstra, and A. Sampson, Emergent (In)Security of Multi-Cloud Environments, arXiv preprint arXiv:2311.01247, 2023. Retrieved from https://doi.org/10.48550/arXiv.2311.01247
N. Soveizi and D. Karastoyanova, SecFlow: Adaptive Security-Aware Workflow Management System in Multi-cloud Environments, International Conference on Cooperative Information Systems, 2024, 176–194. Retrieved from https://doi.org/10.1007/978-3-031-46846-9_9
Published
Issue
Section
License
Copyright (c) 2024 Pranav Mani Tripathi (Author)
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
