In a previous GDPR series we discussed who is subject to GDPR guidelines, security requirements, tips for preparing, and penalties associated. To keep going with this series, we partnered with one of our partners, UnifyCloud, to speak to GDPR compliance in the cloud. If you are in the midst of moving to the cloud or already have some applications or workloads in the cloud (SaaS, IaaS, PaaaS, etc.), we put together a web recording to address concerns around ensuring GDPR compliance when it comes to XaaS services and third-party CSPs such as AWS and Azure.
This web recording covers:
- What is the GDPR, how should you interpret it, and address this compliance within your organization
- How to address compliance in the cloud (SaaS, IaaS, PaaS, etc)
- UnifyCloud GDPR Baseline approach
How can StrataCore and UnifyCloud help your company with data security and GDPR compliance in the cloud?
Below is a use case on how UnifyCloud helped a large technology company with their cloud migration strategy in regards to data security and compliance.
Using the various Could-hosted solutions within the CloudAtlas® suite of cloud migration and monitoring tools, this customer used CloudRecon® to begin their journey to GDPR compliance by finding the many, and often difficult to find, data storage and processing applications that could contain personal or sensitive data as defined in Article 7 of the GDPR.
After deciding which of these data storage instances and processing applications were best managed for GDPR compliance on a Platform-as-a-Service (PaaS) or Infrastructure-as-a-Service (IaaS) environment, the customer used CloudPilot®, a cloud-focused static code analysis tool to determine specific changes that could help them assure GDPR compliance when using application modernization, containerization or VM-based migration (i.e., “lift & shift”) strategies for migration to the cloud.
Using CloudOrigin®, the CloudAtlas® knowledgebase and repository for cloud best control practices, the customer was able to start with the GDPR Baseline available to customize its controls for monitoring GDPR-compliant subscriptions where migrated apps and storage instances would reside by managing the discrete settings in over 130 Service offerings and through a GDPR DevOps toolkit.
Finally, this customer used the final CloudAtlas® solution, CloudSupervisor®, to closely monitor adherence of cloud subscriptions to the GDPR Baseline. In addition, CloudSupervisor® provided general security, performance, and cost control monitoring across all resources in each subscription providing alerts at resource group, subscription and enterprise levels when the GDPR Baseline or other controls and settings were out of compliance.