1. Deploying a Cloud Security Control
Information security, which involves assuring the confidentiality, integrity, and availability
of mission-critical data, is typically a primary concern of regulators. Business executives are
responsible for aligning corporate policies to the requirements of regulation and follow up
to ensure that the policies and associated controls are being enforced. Regulatory
compliance requires that enterprise IT departments meet certain technical standards that
conform to specific requirements that are defined by either an external authoritative
governmental or industry organization or by internal enterprise policies. Both internal and
external regulations may have significant impacts on enterprise IT operations. Complying
with any regulatory rule often constrains IT managers by imposing network and system
design features that may be quite costly. Likewise, the cost of not complying with
regulations may lead to both civil and criminal penalties. In this assignment, you address
security issues to information security- regulatory compliance. Preparation Identify and
research a specific information security- regulatory requirement whose compliance is
dictated by one of the following regulatory rules: Family Educational Rights and Privacy Act
(FERPA). Gramm–Leach–Bliley Act (GLBA). Health Insurance Portability and Accountability
Act (HIPAA). Payment Card Industry Data Security Standard (PCI DSS). Sarbanes–Oxley Act
(SOX).