9 big ideas in the book
- When controlled, compliance is actually a competitive edge.
- The cloud is no longer other people’s computers. It is managed services.
- As cloud services get more abstract to improve developer experience (a good thing), more control is being taken away from the user making compliance attestation harder (a bad thing).
- Compliance is only as strong as the weakest link in the abstraction chain.
- Frameworks are the best way to manage regulations. The best frameworks are built for a dynamic future, not a dated past.
- Complete cloud compliance is hard because technologists struggle to understand compliance while compliance officers struggle to understand the cloud.
- The cloud is global, so compliance is now global.
- Cloud compliance comes down to data management. The three verbs of data are store, compute, and transmit.
- Data sources are splintering instead of unifying, making compliance more complex.
Register to get an excerpt of the book, chapter 2: “What really is compliance?” You’ll also be notified when the printed book is available.