Cookies help us display personalized product recommendations and ensure you have great shopping experience.

Data Management

Compliance Could Be Your Selling Point

Brad Thies
Brad Thies
5 Min Read
Image

ImageCompliance is a relative term, as every industry has its own rules and regulations. Healthcare has the Health Insurance Portability and Accountability Act, banking has the Dodd-Frank Wall Street Reform and Consumer Protection Act, and retail has the Payment Card Industry Data Security Standard.

ImageCompliance is a relative term, as every industry has its own rules and regulations. Healthcare has the Health Insurance Portability and Accountability Act, banking has the Dodd-Frank Wall Street Reform and Consumer Protection Act, and retail has the Payment Card Industry Data Security Standard. These rules are meant to protect the interests of consumers, but staying compliant is often expensive for businesses, and regulators struggle to strike the right balance between costs and benefits.

The complexity of these regulations presents a challenge to cloud service providers. As more and more businesses and industries move data to the cloud, CSPs must be well-versed in their customers’ particular compliance requirements.

Compliance Is Essential

More Read

4 Best Practices for Backing Up and Recovering Data
Are You Getting The Most Out Of Your Marketing Data?
Selecting Big Data Sources for Predictive Analytics
Decision Management: Business Intelligence’s Missing Piece
Black Swan Alert: Low Tech Links Devastate High Tech Supply Chains

For most businesses, noncompliance means incurring fines, but the penalty for a CSP will be a loss of customers. For example, the British government blacklisted Fujitsu in 2012 for failing to comply with Cabinet Office standards, and a little over a year later, it lost three government contracts worth 255 million pounds, or about $390 million today.

Governments and larger corporations may employ compliance teams and internal auditors, but compliance is no longer just an internal issue. Businesses in highly regulated industries — such as healthcare, banking, or government — need CSPs that understand those compliance demands. Those that fail to acknowledge this will soon be extinct.

Compliance Pays 

By carving out a portion of its customers’ compliance issues as a niche, a CSP can make itself invaluable and ensure that it continues to receive lucrative contracts. In 2013, IBM won a $1 billion cloud contract with the U.S. Department of the Interior, and one year later, Amazon Web Services secured a $600 million deal with the CIA.

These two companies were among the first to comply with the Federal Risk and Authorization Management Program, which is now required for government contracts, and they have duly profited.

Compliance is a major selling point, and with geographical and governmental discrepancies beginning to appear, CSPs need to become leaders to mitigate security and privacy risks — and thereby profit.

How to Leverage Compliance

For CSPs operating in the most heavily regulated industries, such as healthcare and banking, this requirement isn’t new. HIPAA-defined business associates are already just as liable for data breaches as the covered entity, meaning any organization that indirectly handles electronic protected medical records is required by law to comply with regulations.

Maintaining compliance is not always easy, but for a CSP to attract attention in the marketplace, it needs to embrace this obligation. Doing so not only provides existing customers with peace of mind, but also increases the demand for services.

There are two key ways for CSPs to stand out in the marketplace:

• Display compliance reports online. Business leaders want CSPs that can help with the compliance headache, and they will make that a top priority when exploring their options. FireHost, for example, does a good job of marketing its compliance as a service. Not only do providers that display compliance reports on their websites stand out, but they also tend to appear higher in search results, boosting their traffic. 

• Establish compliance in branding and messaging. Compliance shouldn’t be limited to just the relevant pages on a website. It should also be an important aspect of a CSP’s branding and messaging on social media and elsewhere and should be backed up with appropriate certification or third-party audit reports, such as SOC 2SOC 3, and ISO 27001.

The more prominently a provider displays its commitment to compliance, the more likely it is to profit. By making it as simple as possible for customers to fulfill their regulatory requirements, a CSP can transform itself from a potential vendor into valuable partner.

Share This Article
ByBrad Thies
Follow:
Brad Thies is the founder and president of BARR Advisory, P.A., an assurance and advisory firm specializing in cybersecurity, risk management, and compliance. Brad speaks regularly at industry events such as ISACA conferences, and he is a member of AICPA’s Trust Information Integrity Task Force. Brad’s advice has been featured in Entrepreneur, Cloud Computing Journal, Small Business CEO, and Information Security Buzz. Prior to founding BARR, Brad managed KPMG's risk consulting division. He is a CPA and CISA.

Follow us on Facebook

Latest News

student learning AI
Advanced Degrees Still Matter in an AI-Driven Job Market
Artificial Intelligence Exclusive
mobile device farm
How Mobile Device Farms Strengthen Big Data Workflows
Big Data Exclusive
composable analytics
How Composable Analytics Unlocks Modular Agility for Data Teams
Analytics Big Data Exclusive
fintech startups
Why Fintech Start-Ups Struggle To Secure The Funding They Need
Infographic News

Stay Connected

You Might also Like