icon-ccms-mag-med

Datica CCMS

Continuous Compliance Monitoring for Cloud Services

Datica's Cloud Compliance Management System (CCMS) will be the first-ever tool to guide compliance assurance of managed cloud-native services.

CCMS screenshot

API-Driven Compliance

Real Time

Datica CCMS checks configuration states every day and tracks the states in a historical data model. This is the missing piece for modern cloud compliance: Constant understanding of the precise state of your cloud environments.

Audited

Each configuration supported by Datica CCMS has been audited against HITRUST CSF v9.1, meaning a configuration is meant to be compliant against the regimes of HIPAA, GDPR, and GxP. It tracks configuration changes with each CSF update.

Uniquely Dynamic

The cloud is a dynamic world and compliance struggles to keep up. Datica CCMS is the only tool available to assess assurance of managed and microservices against critical compliance controls. It gives customers a strategy for the future.

CCMS features

2018 is a Post-Cloud World

The proliferation of abstracted cloud services has increased in an effort to improve developer experience (a good thing). As a result, most cloud environments are a constellation of managed services and microservices. The cloud is no longer simply an operating system on someone else's hard drive.

But increased abstraction has meant greater control has been taken away from the end user's ability to attest to compliance assurances (a bad thing). The entire layer of "Services" on top of traditional VMs has completely changed how compliance should be measured, monitored, and managed.

Images from the book, Complete Cloud Compliance.

The problem explodes when multiple services are used—a common approach to modern cloud workloads. Developers must reinvent the wheel of mapping controls in totality over a new service.

Datica CCMS solves this problem. Simply plug available services into the CCMS and let us continuously monitor the compliance state of a service. Users can be assured the configurations map to the proper HITRUST CSF controls, thus generating a compliant posture against regimes such as HIPAA, GDPR, and GxP.

Make any cloud service compliant

The compliant configuration states of cloud services should not be proprietary. Transparency is fundamental to healthcare's transformation. Every service monitored by the CCMS will be publicly documented to help empower healthcare developers.

In a post-cloud world, configuring a service in a continual state is the goal. The hard part is simply knowing the proper configuration state mapped to a specific control. Modern compliance extends way beyond simple security group management, which is what existing tools do. Available today are configuration states of the three most popular managed database services across the three main cloud service providers. Each state has been mapped to appropriate HITRUST CSF controls and audited.

Coming soon — more configurations on the way

AWS

  • AWS Redshift
  • AWS DynamoDB
  • AWS API Gateway
  • AWS Lambda
  • AWS EKS
  • AWS Fargate
  • AWS EC2
  • AWS S3

Azure

  • Azure AKS
  • Azure Active Directory
  • Azure App Service
  • Azure Database for PostgreSQL
  • Azure Virtual Machines
  • Azure Data Lake Analytics
  • Azure IoT Hub
  • Azure Storage

GCP

  • GCP GKE
  • GCP BigQuery
  • GCP Bigtable
  • GCP Dataflow
  • GCP Storage
  • GCP Compute Engine
  • GCP Genomics
  • GCP Dataproc

We want to make sure the Cloud Compliance Management System has you covered. Tell us what other cloud configurations you want to see.

Start the survey

Datica CCMS is coming in early 2019.

Sign up to be notified of the release and to help prioritize service configurations. Registrants have the chance to be included in a private preview.