Cloud Governance: A white paper on the necessary elements for monitoring, securing and assessing cloud usage
Cloud Governance white paper – how organizations can secure optimal control and data protection by utilizing Microsoft Hyper Scale Cloud Computing (HSCC) solutions
Get a handle on data security & compliance by building good governance around the use of Microsoft Cloud Services.
The white paper was last updated in May 2021.
Over the summer and autumn of 2020, a number of legal elements relevant to the use of cloud computing were published – most noteworthy naturally the CJEU Schrems II decision. This has paved the way for numerous interpretations and speculations, as to the legality of the use of HSCC-based solutions in the EU/EEA.
This white paper aim at providing decision makers and data protection experts guidance on all essential aspects for the legally compliant and secure use of cloud computing. This includes performing Risk Assessments, Data Transfer Assessments and establishing good Cloud Governance, in order to maintain compliant.
In connection with the obligatory risk assessment of the processing of personal data, the use of HSCC services requires answers to a number of questions – some questions addressed at the provider of HSCC services, and some addressed at your own organization.
In the white, paper you will find - among other things - the following:
- The latest legal clarifications and official guidelines relevant to cloud computing considerations.
- Guidance on how to perform Risk Assessments, Assessments of data transfers to 3rd countries, incl Microsoft Assurance documentation for implementation of appropriate supplementary measures.
- Total Cost of Ownership calculations: The costs and gains that should be included in the decision-making for an investment in new technology.
- Cloud computing - service and delivery models: Possible service and delivery models in cloud computing
- Cloud governance: Regulatory cloud governance and Online Service Management.
- Cloud in public strategies and analysis: Public strategies, guides and opinions and other 3rd party analyses.
- QUESTIONS FOR THE CLOUD PROVIDER – 61 selected questions about contracts, audits, data processing agreements, security checks, management of subcontractors, data transfers to 3rd countries, sustainability, management of authorities requests for data, contingency plans, etc.
- QUESTIONS FOR YOUR OWN ORGANISATION – 18 selected questions about establishing strategy, business plan, risk assessment, general compliance, organization, competence building, and implementation plans.
With this white paper, you will get a guide to how Microsoft recommends establishing the best possible evaluation, compliance and security setup, and governance model when storing and processing personal data in Microsoft HSCC.
Get the white paper here - fill out the form on the right and we'll send you a download link!