1. Cloud Sight
  2. FAQs
  3. Compliance

FAQs: compliance

  • Updated
Follow

Q: What is compliance

This feature helps you protect your clouds and keep them compliant with industry regulations and best practices. 
The current mode of compliance offered is called cloud hardening.  This allows you to set up a new cloud as per a selected compliance blueprint. The blueprint's recommendations are used to create the new cloud as per the specification of a chosen standard.  
We will soon offer a compliance reporting feature, which will allow you to choose from a variety of blueprints that may be used as a benchmark to test your cloud. 
Q: What's a blueprint?
A blueprint is a set of recommendations that can be used as benchmark that you can test your clouds against.

Please note that:

• A blueprint only contains a limited subset of the total number of recommendations within a specific compliance standard relevant to your eligible cloud services account;
• the blueprint does not address broader architectural build (e.g. connectivity) or processes and systems outside of your eligible cloud services account;
• the blueprint does not provide a certificate of compliance for the limited recommendations it supports;
• we do not guarantee end-to-end compliance with the industry standard and we do not and cannot assume your compliance obligations under all or any of the industry standards; and
• you remain responsible for your overall compliance with the applicable industry standards.

Q: What compliance blueprints are offered by Cloud Sight

Cloud hardening offers:

  • Center for Internet Security (CIS) benchmark
Our reporting feature will offers the following compliance blueprints:
  • Center for Internet Security (CIS) benchmark
  • Payment Card Industry Data Security Standard (PCI DSS)
  • Health Insurance Portability and Accountability Act (HIPAA)

Q: How do I harden a cloud?

You can deploy a blueprint when adding a new cloud to Cloud Sight.

Learn more about cloud hardening

Q: Can I harden a cloud after it's added to Cloud Sight?

No. At the moment a blueprint can only be deployed when a cloud is being added to Cloud Sight. Please select your blueprint when adding a new cloud.


Q: Can I remove a compliance blueprint from my cloud?

You can disable a compliance blueprint on a cloud. You'll find the disable button on the Compliance tab on your cloud details page. Disabling will pause the reporting feature on that particular blueprint on your cloud.

With cloud hardening, you cannot change your blueprint selection or rollback deployment once it’s deployed to your account. You may change the configuration of your cloud service through the service provider portal (e.g. Azure portal) at the risk of no longer being compliant with the blueprint.

 

Q: Where can I find the compliance statistics for my cloud?

Currently, you can only access compliance statistics when you purchase the Telstra Cloud Compliance add-on

When reporting becomes available, the details of your cloud's compliance performance will be on the Compliance tab on your cloud details page.

Learn more about compliance reporting

Q: How do I get more information about the test failures?

For additional compliance features, including details of the tests run on your cloud and failure remediation advice, purchase the Telstra Cloud Compliance add-on

Q: How do I fix the test failures?

Failure remediation advice can be found on the Telstra Cloud Compliance add-on. Purchase the add-on via the Telstra Cloud Sight marketplace. 

 

Was this article helpful?

Help us improve our help centre

Related articles

Other articles in this section

Can’t find what you’re looking for?

Get in touch with via the link below

Contact us