Compliance and governance
We have systematically looked at securing every component of the hybrid cloud architecture so far. As discussed earlier in the Protection of data section, data governance is the set of rules, practices, and processes put in place to provide oversight of data security and help the business adhere to its compliance requirements. Besides preventing unauthorized access to infrastructure and data, all businesses have the responsibility to protect the data privacy of their consumers. This is especially true in regulated industries such as public sectors, finance, and healthcare. Failure to do so comes at a huge price for a business.
Let’s explain compliance using a framework to define some key components of it. We discussed some of these components in earlier sections of this chapter:
- Governance: A set of rules that defines the access and control of all resources and data in the hybrid cloud environment.
- Change control: Following the principle...
