Introduction to Compliant Cloud Computing

by Lumen21
Lumen 21 Inc. | 765 The City Drive South | Suite 105 | Orange, CA 92868 | Phone: (714) 862-2171 | [email protected] |
Compliant Cloud Computing by Lumen21 is a platform
designed to enable organizations in regulated industries
to avail themselves of cloud technology as a computing
platform, while remaining compliant with a variety of
regulatory requirements.
When preparing to take advantage of new technologies,
such as cloud, organizations will be required to maintain
a solid operational approach to things such as security,
authentication, servers, storage and networking. Moving
to the cloud should translate into an increased focus
on things like log management, threat management,
IP/DNS reputation management, redundancy and disaster
recovery for all organizations. The cloud may inherently
make some of these things easier, but to fully realize
the benefits of cloud computing, organizations need to
concentrate on achieving operational efficiency while
remaining secure and in control.
Regulated industries, like healthcare, retail, financial
services and others, face additional IT challenges –
and ever-changing regulations. These industries are
required, often by law, to maintain a stronger blend
of policies, procedures and governance to avoid
noncompliance penalties and fines. Interestingly, the various
regulations differ a little from industry to industry.
While they are slowly starting to align, understanding
the intricacies of the requirements really comes down
to navigating the “mandates” and “recommendations”.
For example, where HIPAA mandates that a Web
Application Firewall (WAF) be in place for externally-facing
web applications, PCI DSS recommends that
you have a WAF for external web applications. These
“recommended” requirements are actually recognized
operational “best practices”. Even though they are
mandated as part of HIPAA, organizations should look
to operational best practices to fill in where a given
regulation is vague. One area where even HIPAA is
intentionally vague is around disaster recovery and
business continuity. While it mandates that you have
a plan, it doesn’t provide details on how it should
be structured. This flexibility allows small and large
companies to choose an affordable solution appropriate
for their organizations’ size.
Compliant Cloud Computing by Lumen21 is compliant
out-of-the-box. We focus on the “it” — that little extra
difference. The thing that makes compliance more
manageable and easier to implement. One monthly
payment gives you a compliant cloud environment
managed by redundant Network Operations Centers
and separate, redundant Security Operations Centers.
You can consume as much or as little of the cloud
platform as you need. The service includes everything
you need to be compliant. For operational efficiency,
we have built a compliance “cookbook” recipe for each
of the regulations that is not only vetted but audited.
Compliance knowledge and expertise are not common
among cloud providers. While some cloud providers
may offer increased security services to help you build
your own compliant infrastructure, truly understanding
compliance and the audit process for your industry
requires a specialist. The certified experts at Lumen21
know what it takes to pass a compliance audit for PCI
DSS, HIPAA/HITRUST and many others.
To learn more about Compliant Cloud Computing
by Lumen21 visit us at
Or if you would like to discuss your specific individual
requirements or talk to us about how we can help
with your on-premise compliance infrastructure,
please reach out to us at [email protected] or
call us at 714-862-2171.
Compliant Cloud Computing by Lumen21
It’s Compliant Out-of-the-Box
Secure Cloud
• Redundant Environments
• Firewall
• Separation of Environments
• Security Framework
• Protection
• Encryption
• Backups
• Monitoring
• Management
• Managing the Infrastructure
• Data Transparency
• Metering
• Monitoring of Resources
• Server, Network and Application Management
• Capacity Planning and Management
• Overall System Service Map and Topology
• Log Management
• Threat Management
• IP/DNS Reputation Management
• Vulnerability Management
• Access Management
• Encryption Management
Rules-Based Compliance
• Standard Out-of-the-Box
• Custom Configuration
Regulatory Compliance
• Healthcare (HIPAA)
• Payment Card Industry (PCI DSS)
• Utilities Compliance (NERC CIP)
• Financial Services Regulations (GLBA/FFIEC)
• Federal Information Security Management (FISMA)
• Security Awareness Training Solutions
