In this installment of Trustworthy Computing's Cloud Fundamentals Video Series, Jeffrey Miller, Information Security and Privacy Manager for Microsoft Health Solutions Group discusses the need to classify and segregate data to enable cloud migration while still maintaining regulatory and standards requirements applicable to sensitive data.
Many organizations want to take advantage of the cloud, but the data within existing services often contains a mix of the organization's high, moderate, and low impact data. Cloud customers are ultimately responsible for maintaining regulatory and standards-based requirements addressing data protection and use.
"Cloud providers have an obligation to maintain transparency of operations to the degree required to support customer audits, but doing so in a scalable manner. Using Microsoft solution accelerators, a customer may analyze a service and its data to enable cloud migration, and make decisions on exactly what should go into the cloud vs. what should stay within the organization's data center."