06-06-19 | Blog Post
According to the 2019 Rightscale® State of the Cloud report, the number of enterprises with a hybrid cloud strategy (one that combines both public and private clouds) grew to 58 percent for 2019, up from 51 percent in 2018. While the growing trend is exciting, it can create some anxiety around how to maintain compliance across the environment. In fact, 81% of respondents for the report indicate compliance was a top challenge for their cloud strategy.
When it was first gaining in popularity, some highly regulated industries had valid concerns about storing protected data in the cloud. Far from early adopters, industries like healthcare took a measured approach to implementing a cloud solution. Older solutions required companies to develop their own private cloud, which proved to be cost prohibitive and less scalable than public cloud. Compliance presented a nearly insurmountable burden to guarantee both the healthcare organization and their cloud service provider were in compliance with all regulations.
Today, the cloud is a lot less scary place, and the benefits are far more accessible. A hybrid cloud environment uses a blend of on-premises, private cloud infrastructure with third-party, public cloud services that work in harmony. This allows companies to securely, compliantly maintain their data. In fact, compliance now comes standard from public cloud providers, some of whom can boast 100 percent successful audits on standards like SOC 1/2/3, ISO 27001, PCI, HIPAA, HITRUST and more.
As you are selecting the right partner to create or maintain your hybrid cloud, start by creating your organization’s individual needs assessment. Then, carefully match your needs against the solutions of each vendor you are considering. Request a personalized introduction to their portfolio of services, and ask for details about their processes, security and how they achieve compliance. Request evidence of performance on past outside audits. You have a right to know just how they approach their role in your compliance obligations.
Be aware that once you have adopted a cloud solution, you are responsible for the security of your applications in the environment – not your cloud provider. Choose a partner that will help demystify your responsibilities and ensure you have all the tools in place to make this less burdensome. Learn more in a recent article by Otava COO Nick Lumsden that was published in Healthcare Business Today.
The bottom line is that moving to a hybrid cloud is also easier than ever. While there is considerable planning that goes into creating your cloud architecture, implementation timelines have grown shorter while performance has simultaneously increased, and compliance has been baked in.