Cookies help us display personalized product recommendations and ensure you have great shopping experience.

Data Management

Compliance Could Be Your Selling Point

Brad Thies
Brad Thies
5 Min Read
Image

ImageCompliance is a relative term, as every industry has its own rules and regulations. Healthcare has the Health Insurance Portability and Accountability Act, banking has the Dodd-Frank Wall Street Reform and Consumer Protection Act, and retail has the Payment Card Industry Data Security Standard.

ImageCompliance is a relative term, as every industry has its own rules and regulations. Healthcare has the Health Insurance Portability and Accountability Act, banking has the Dodd-Frank Wall Street Reform and Consumer Protection Act, and retail has the Payment Card Industry Data Security Standard. These rules are meant to protect the interests of consumers, but staying compliant is often expensive for businesses, and regulators struggle to strike the right balance between costs and benefits.

The complexity of these regulations presents a challenge to cloud service providers. As more and more businesses and industries move data to the cloud, CSPs must be well-versed in their customers’ particular compliance requirements.

Compliance Is Essential

More Read

10 Social Media Influencer Secrets and Strategies
Big Data Helps Alleviate Aviation Risk Management Problems
Information Management Technology Revolution and Research Agenda for 2012
Supply Chain Business Intelligence Is More Than Just Technology
Social Business and Digital Strategy

For most businesses, noncompliance means incurring fines, but the penalty for a CSP will be a loss of customers. For example, the British government blacklisted Fujitsu in 2012 for failing to comply with Cabinet Office standards, and a little over a year later, it lost three government contracts worth 255 million pounds, or about $390 million today.

Governments and larger corporations may employ compliance teams and internal auditors, but compliance is no longer just an internal issue. Businesses in highly regulated industries — such as healthcare, banking, or government — need CSPs that understand those compliance demands. Those that fail to acknowledge this will soon be extinct.

Compliance Pays 

By carving out a portion of its customers’ compliance issues as a niche, a CSP can make itself invaluable and ensure that it continues to receive lucrative contracts. In 2013, IBM won a $1 billion cloud contract with the U.S. Department of the Interior, and one year later, Amazon Web Services secured a $600 million deal with the CIA.

These two companies were among the first to comply with the Federal Risk and Authorization Management Program, which is now required for government contracts, and they have duly profited.

Compliance is a major selling point, and with geographical and governmental discrepancies beginning to appear, CSPs need to become leaders to mitigate security and privacy risks — and thereby profit.

How to Leverage Compliance

For CSPs operating in the most heavily regulated industries, such as healthcare and banking, this requirement isn’t new. HIPAA-defined business associates are already just as liable for data breaches as the covered entity, meaning any organization that indirectly handles electronic protected medical records is required by law to comply with regulations.

Maintaining compliance is not always easy, but for a CSP to attract attention in the marketplace, it needs to embrace this obligation. Doing so not only provides existing customers with peace of mind, but also increases the demand for services.

There are two key ways for CSPs to stand out in the marketplace:

• Display compliance reports online. Business leaders want CSPs that can help with the compliance headache, and they will make that a top priority when exploring their options. FireHost, for example, does a good job of marketing its compliance as a service. Not only do providers that display compliance reports on their websites stand out, but they also tend to appear higher in search results, boosting their traffic. 

• Establish compliance in branding and messaging. Compliance shouldn’t be limited to just the relevant pages on a website. It should also be an important aspect of a CSP’s branding and messaging on social media and elsewhere and should be backed up with appropriate certification or third-party audit reports, such as SOC 2SOC 3, and ISO 27001.

The more prominently a provider displays its commitment to compliance, the more likely it is to profit. By making it as simple as possible for customers to fulfill their regulatory requirements, a CSP can transform itself from a potential vendor into valuable partner.

Share This Article
ByBrad Thies
Follow:
Brad Thies is the founder and president of BARR Advisory, P.A., an assurance and advisory firm specializing in cybersecurity, risk management, and compliance. Brad speaks regularly at industry events such as ISACA conferences, and he is a member of AICPA’s Trust Information Integrity Task Force. Brad’s advice has been featured in Entrepreneur, Cloud Computing Journal, Small Business CEO, and Information Security Buzz. Prior to founding BARR, Brad managed KPMG's risk consulting division. He is a CPA and CISA.

Follow us on Facebook

Latest News

cloud dataops for metering
Taming the IoT Firehose: How Utilities Are Scaling Cloud DataOps for Smart Metering
Cloud Computing Exclusive Internet of Things IT
ai in video game development
Machine Learning Is Changing iGaming Software Development
Exclusive Machine Learning News
media monitoring
Signals In The Noise: Using Media Monitoring To Manage Negative Publicity
Analytics Exclusive Infographic
data=driven approach
Turning Dead Zones Into Data-Driven Opportunities In Retail Spaces
Big Data Exclusive Infographic

Stay Connected

You Might also Like