By Adrienne Hall, General Manager, Trustworthy Computing

Our customers do business in almost every industry and country around the world. Many of them need to meet regulatory compliance and certification requirements.  When they trust a cloud service provider to manage infrastructure, applications, or data for them, that service provider becomes a partner that they trust to help meet and maintain their compliance and certification requirements.  Customers that have been managing compliance obligations for their on premise information technology operations know first-hand how challenging it can be.   New requirements emerge frequently in the dynamic environments of today’s businesses.  

Moving targets are nothing new in the technology industry – and we expect to help our customers navigate the various decisions they need to make, both on the way to cloud adoption and afterwards.  Many customers view compliance capabilities as a crucial decision point when choosing a cloud service provider.  So, demonstrating the ability to meet certain compliance requirements is therefore essential to delivering cloud services that customers can trust. 

The term compliance can mean different things to different people, especially in the commercial cloud space.  To increase awareness as to how Microsoft handles compliance for cloud services, we’ve released a new paper titled, “The Microsoft Approach to Compliance in the Cloud”.

The paper also poses questions we encourage organizations to ask when considering a cloud service provider, such as: 

• Does the provider have a proven record of delivering secure, reliable, cloud services built to enable privacy and data protection?
• Is the provider transparent about its cloud compliance capabilities, and which responsibilities are owned by customers?
• Does the provider demonstrate leadership by participating in the development and continuous improvement of industry standards that are relevant to cloud services?
• Will the provider assist the customer to help achieve and maintain their own compliance requirements?

The paper, and other cloud-related resources can be downloaded from www.microsoft.com/trustedcloud. See also these related papers on Data Classification for Cloud Readiness and CISO Perspectives on Compliance in the Cloud.