This new compliance service eliminates security and compliance threats as one of the biggest barriers to cloud adoption and enables IT to confidently move forward with cloud IaaS and DRaaS initiatives free of the concern that previously hindered them.
“Many cloud service providers have given a nod to compliance through extremely patchy reporting and alerting without really addressing the issue,” said Justin Giardina, chief technology officer, iland. “That is only half the battle. At iland, we recognise that it takes both compliance focused features and reporting in addition to an in-house compliance team to provide our customers with real peace of mind in today’s complicated regulatory environment.”
The result is a unique approach to compliance in the cloud that streamlines the process for customers and answers a shortcoming that other cloud providers have failed to address.
“Unfortunately the industry standard among cloud providers these days is to offer compliance support that is very limited in scope while leaving customers on the hook with regulatory bodies with nothing more than a bundle of incomplete and often incomprehensible information,” said Frank Krieger, director of compliance and IT services, iland. “What’s worse is that many of the big-box cloud service providers nickel and dime their customers for these inadequate services. iland’s holistic compliance support is included in its Enterprise Cloud Services – Advance Security platform with no hidden fees to the customer.”
iland’s security features, reporting capabilities and professional services monitor and report on compliance rules that drive HIPAA, as well as SSAE 16 – SOC 2 (Trust Service Principles), Payment Card Industry Data Security Standard v3 (PCI DSS v3), the Federal Risk and Authorization Management Program (FedRAMP), the National Institute of Standards and Technology (NIST), the information security standard ISO 27001, and others. Having completed its own HIPAA attestation, iland is fully prepared to support its customers with HIPAA compliance requirements from the signing of a Business Associates Agreement through completing their compliance audits.
On-demand compliance reporting
Much of the challenge of meeting compliance requirements is gathering the appropriate documentation. Embedded in iland’s management console for its Enterprise Cloud Services (ECS) – Advanced Security offering is a set of on-demand reports that span the gamut from compliance summaries to event histories to platform assurances.
To this end, the specific features in iland’s recently introduced ECS- Advanced Security platform that provide deep security and compliance assurances to customers include:
• Antivirus and malware detection
• Accelerated storage with encryption at rest
• Whole disk encryption
• Event history, including log inspection and access logs
• Support requests
• Role-Based Access Control
• Dual Factor Authentication
• Vulnerability Scanning
• IPSEC and SSL-VPN
• Firewall Inspection
• Intrusion detection and prevention systems (IPS/IDS)
• Integrity Monitoring
• Encrypted Backups
Certified compliance team
While most providers stop at automated features aimed at “assisting” with compliance, the compliance offering recently introduced by iland includes an in-house team of certified compliance professionals whose entire mission is to consult with customers and provide assistance on interpreting reports and using report data to meet compliance requirements. This team works directly with customers to:
· Answer questions about report sections and findings
· Provide supporting documentation that explains how the reports relate to industry regulations
· Assist customers in answering auditors’ questions about report
findings
· Assist in aligning with industry regulation controls utilizing the ITIL 2011 framework