Q: What is compliance
Please note that:
• A blueprint only contains a limited subset of the total number of recommendations within a specific compliance standard relevant to your eligible cloud services account;
• the blueprint does not address broader architectural build (e.g. connectivity) or processes and systems outside of your eligible cloud services account;
• the blueprint does not provide a certificate of compliance for the limited recommendations it supports;
• we do not guarantee end-to-end compliance with the industry standard and we do not and cannot assume your compliance obligations under all or any of the industry standards; and
• you remain responsible for your overall compliance with the applicable industry standards.
Q: What compliance blueprints are offered by Cloud Sight
Cloud hardening offers:
- Center for Internet Security (CIS) benchmark
- Center for Internet Security (CIS) benchmark
- Payment Card Industry Data Security Standard (PCI DSS)
- Health Insurance Portability and Accountability Act (HIPAA)
Q: How do I harden a cloud?
You can deploy a blueprint when adding a new cloud to Cloud Sight.
Learn more about cloud hardening
Q: Can I harden a cloud after it's added to Cloud Sight?
No. At the moment a blueprint can only be deployed when a cloud is being added to Cloud Sight. Please select your blueprint when adding a new cloud.
Q: Can I remove a compliance blueprint from my cloud?
You can disable a compliance blueprint on a cloud. You'll find the disable button on the Compliance tab on your cloud details page. Disabling will pause the reporting feature on that particular blueprint on your cloud.
With cloud hardening, you cannot change your blueprint selection or rollback deployment once it’s deployed to your account. You may change the configuration of your cloud service through the service provider portal (e.g. Azure portal) at the risk of no longer being compliant with the blueprint.
Q: Where can I find the compliance statistics for my cloud?
Currently, you can only access compliance statistics when you purchase the Telstra Cloud Compliance add-on.
When reporting becomes available, the details of your cloud's compliance performance will be on the Compliance tab on your cloud details page.
Learn more about compliance reporting
Q: How do I get more information about the test failures?
For additional compliance features, including details of the tests run on your cloud and failure remediation advice, purchase the Telstra Cloud Compliance add-on.
Q: How do I fix the test failures?
Failure remediation advice can be found on the Telstra Cloud Compliance add-on. Purchase the add-on via the Telstra Cloud Sight marketplace.