Brightsolid, the hybrid cloud managed service provider, has launched a new cloud compliance framework to help businesses strengthen their data security measures as the growth of cloud computing and digital transformation continues to accelerate. The Cloud Control Framework, part of the company’s Professional Services division, is believed to be one of the first-to-market services in this area.
The Framework will be particularly beneficial for organisations which have significant regulatory compliance needs, such as financial services, public sector and healthcare, as well as businesses who lack in-house IT expertise or capacity to deliver cloud projects. It will also benefit those concerned around the security of the cloud – something which can be a blocker in digital transformation programmes – and further contribute to the practical management of it.
Brightsolid created the Cloud Control Framework to clearly outline how organisations can apply controls to further increase the security of the cloud. As part of this, the company has ensured that the Framework’s 17 controls comply with many industry standards including ISO27001, CIS Benchmarks, the Payment Card Industry (PCI), National Cyber Security Centre (NCSC) and GDPR to help organisations protect data and systems hosted in the cloud.
Brightsolid will work with organisations committed to putting in place controls around the cloud in their infrastructure and will advise them on the areas that may require more stringent security controls to protect valuable data in a one-off exercise.
Jon Gasparini, Chief Technology Officer, Brightsolid commented: “The adoption of cloud based platforms and services continues to accelerate. This has been driven by a significant rise in digital transformation projects as organisations respond to customer demands for richer online services and ensuring their staff remain fully productive working from home. Cloud based infrastructure, platform and software services in the right hands are powerful enablers in achieving digital transformation outcomes, however in the wrong hands they can introduce significant risks.”
“Our Cloud Controls Framework provides more peace of mind as organisations continue to digitally transform. Strong controls can help to build business confidence at all levels – and in a year where we have seen this dip considerably, we are pleased to be able to offer a framework that will provide reassurance. Putting in place a framework that can help organisations easily demonstrate regulatory and industry compliance, will reduce risk of compromise and accelerate the development of secure cloud services will reap its rewards.”
The Framework has been trialled with Aceville, a Brightsolid customer which was earlier this year announced as the company’s first professional services client. An assessment of the Aceville AWS environment against the Brightsolid Framework provided a clear and actionable set of recommendations based on industry good practice to strengthen controls and reduce risk. Aceville has since gone on to implement these recommendations through the introduction of stronger controls delivered via the Brightsolid Cloud Foundations managed service. Out of the box, Cloud Foundations implements the majority of the controls set out in the Brightsolid Framework.