Q: What is compliance
This feature helps you protect your clouds and keep them compliant with industry regulations and best practices.
The current mode of compliance offered is called cloud hardening. This allows you to set up a new cloud as per a selected compliance blueprint. The blueprint's recommendations are used to create the new cloud as per the specification of a chosen standard.
We will soon offer a compliance reporting feature, which will allow you to choose from a variety of blueprints that may be used as a benchmark to test your cloud.
A blueprint is a set of recommendations that can be used as benchmark that you can test your clouds against.
Please note that:
- A blueprint only contains a limited subset of the total number of recommendations within a specific compliance standard relevant to your eligible cloud services account;
- the blueprint does not address broader architectural build (e.g. connectivity) or processes and systems outside of your eligible cloud services account;
- the blueprint does not provide a certificate of compliance for the limited recommendations it supports;
- we do not guarantee end-to-end compliance with the industry standard and we do not and cannot assume your compliance obligations under all or any of the industry standards; and
- you remain responsible for your overall compliance with the applicable industry standards.
Cloud hardening offers:
- Center for Internet Security (CIS) benchmark
- Center for Internet Security (CIS) benchmark
- Payment Card Industry Data Security Standard (PCI DSS)
- Health Insurance Portability and Accountability Act (HIPAA)
Q: How do I harden a cloud?
You can deploy a blueprint when adding a new cloud to Cloud Sight.
Learn more about cloud hardening
Q: Can I harden a cloud after it's added to Cloud Sight?
No. At the moment a blueprint can only be deployed when a cloud is being added to Cloud Sight. Please select your blueprint when adding a new cloud.
Q: Can I remove a compliance blueprint from my cloud?
You can disable a compliance blueprint on a cloud. You'll find the disable button on the Compliance tab on your cloud details page. Disabling will pause the reporting feature on that particular blueprint on your cloud.
With cloud hardening, you cannot change your blueprint selection or rollback deployment once it’s deployed to your account. You may change the configuration of your cloud service through the service provider portal (e.g. Azure portal) at the risk of no longer being compliant with the blueprint.
Q: Where can I find the compliance statistics for my cloud?
Currently, you can only access compliance statistics when you purchase the Telstra Cloud Compliance add-on.
You can only access compliance statistics when you opt in for managed services.
When reporting becomes available, the details of your cloud's compliance performance will be on the Compliance tab on your cloud details page.
Learn more about compliance reporting
Q: How do I get more information about the test failures?
For additional compliance features, test details, and failure remediation guidance, consider opting for managed services.
Q: How do I fix test failures?
For assistance with test failure, please reach out to our managed services team through the support portal or via the contact information provided in your account dashboard.