Datica solves compliance in a post-cloud world
The Cloud Compliance Management System (CCMS) is built to manage compliance requirements across popular HIPAA-eligible cloud provider services. Cloud-native environments tend towards a constellation of managed services and microservices, but they have a compliance problem. Datica CCMS is the solution.
The CCMS is an easy-to-use SaaS tool that uses modern APIs to monitor and assess the configuration state of your favorite cloud services.
How it works
CCMS is a easy-to-use SaaS tool that uses modern APIs to assess the configuration state of your favorite cloud services.
Customers select from a list of approved cloud services from one of the three major cloud service providers. Customers are walked through a workflow to configure the service to specific HITRUST CSF controls.
The chosen cloud services are connected to the CCMS via APIs. Datica then monitors the configuration states every day, checking to ensure the states have not changed in a non-compliant way.
On-demand tools for remediation practices, attestation exercises, and historical reporting are available for all services monitored by the CCMS, making compliance tasks easy.
The CCMS grows with you
As a team's architecture grows, simply add more supported services to the CCMS. Even add services across multiple clouds! All centralized into a single elegant dashboard with powerful features.
Each configuration supported by Datica CCMS has been audited against HITRUST CSF v9.1, meaning a configuration is meant to be compliant against the regimes of HIPAA, GDPR, and GxP. It tracks configuration changes with each CSF update.
Datica CCMS checks configuration states every day and tracks the states in a historical data model. This is the missing piece for modern cloud compliance: Constant understanding of the precise state of your cloud environments.
The cloud is a dynamic world and compliance struggles to keep up. Datica CCMS is the only tool available to assess assurance of managed and microservices against critical compliance controls. It gives customers a strategy for the future.
As with all of Datica's products, there is zero lock-in. Every service supported by the CCMS will have its configurations published to be publicly reviewable. Full transparency on what we monitor and why is critical to earning trust.
Proven and Reliable
Trusted by the Best
2019 is a Post-Cloud World
The proliferation of abstracted cloud services has increased in an effort to improve developer experience (a good thing). As a result, most cloud environments are a constellation of managed services and microservices. The cloud is no longer simply an operating system on someone else's hard drive.
But increased abstraction has meant greater control has been taken away from the end user's ability to attest to compliance assurances (a bad thing). The entire layer of "Services" on top of traditional VMs has completely changed how compliance should be measured, monitored, and managed.
How CCMS Helps You Pass Audits
This is a typical maturity model that your company will be audited against. It defines Privacy vs. Security vs. Compliance.
How Datica Solves it
Defines what must be done to protect privacy.
Datica CCMS is the only product focused on making it easy to understand how to secure cloud environments specific to policies and procedures audited against the HITRUST CSF (the "Privacy" part).
is the act of implementing policies and procedures.
Other monitoring tools focus strictly on security, or don’t address compliance at all.
Proves it was done.
CCMS then continuously monitors the configuration state on a daily basis to ensure continual validation (the "Compliance" part).
The problem explodes when multiple services are used—a common approach to modern cloud workloads. Developers must reinvent the wheel of mapping controls in totality over a new service.
Images from the book, Complete Cloud Compliance.
Datica CCMS solves this problem. Simply plug available services into the CCMS and let us continuously monitor the compliance state of a service. Users can be assured the configurations map to the proper HITRUST CSF controls, thus generating a compliant posture against regimes such as HIPAA, GDPR, and GxP.
Make any cloud service compliant
The compliant configuration states of cloud services should not be proprietary. Transparency is fundamental to healthcare's transformation. Every service monitored by the CCMS will be publicly documented to help empower healthcare developers.
In a post-cloud world, configuring a service in a continual state is the goal. The hard part is simply knowing the proper configuration state mapped to a specific control. Modern compliance extends way beyond simple security group management, which is what existing tools do. Available today are configuration states of the three most popular managed database services across the three main cloud service providers. Each state has been mapped to appropriate HITRUST CSF controls and audited.
Simple, straightforward pricing
Datica CCMS is $1,000/mo. per service type + $10/mo. per instance
A 'service' is any supported cloud provider service, like AWS RDS, Azure Cosmos DB, or Google Cloud SQL
Datica CCMS is coming in early 2019.
Sign up to be notified of the release and to help prioritize service configurations. Registrants have the chance to be included in a private preview.