Cloud Computing: When Compliance Comes Down to Security

Grazed from CloudComputingExpo. Author: Fouad Khalil.

In the business world, it's hard to throw a rock without hitting a compliance requirement. All must be obeyed, but some call for a high level of control and auditability. Governing bodies are exerting their authority like never before, increasing the number of auditors and handing out heavy fines - sometimes as much as $1 million. This has become the new norm, and it isn't likely to turn around any time soon. It's important, then, to be aware of the primary threats that could undermine compliance efforts. The top three such issues are discussed below.

The Challenges of SOX

Public companies in the U.S. as well as foreign companies listed on U.S. exchanges are required by Sarbanes-Oxley (SOX) to assess their internal controls, have that assessment validated by an external auditor and report the assessment to the SEC. Information security professionals need to ensure that their organization complies with requirement in Section 302 and Section 404 of the legislation...

Read more from from the source @ http://www.cloudcomputingexpo.com/node/3900000