Meeting customer regulatory compliance concerns with Storage as a Service is very difficult. There is no real way to guarantee that you will meet the compliance requirements. There is no audit service currently and it would be difficult to create because the service could be legally liable for any mistakes.
In reality, only legal proceeding could rule whether a compliance requirement was being met. This is a difficult and dangerous situation. To prove or demonstrate that all regulatory compliance requirements are being met and a complete chain-of-custody control for data was established is complex and costly. For many storage as a service providers, this may not be worth it because of the extra overhead, basic expenses and the fact that there are also many different compliance regulations.
Dig Deeper on Regulatory compliance with cybersecurity laws and regulations
Related Q&A from Randy Kerns
Compare SAN and NAS, and find out what to consider when using each storage system format. Object storage and the cloud are also affecting the storage... Continue Reading
Logical unit numbers are a logical abstraction between a physical disk device and applications. Learn more about LUN use cases and LUN security ... Continue Reading
What is the one hidden gotcha that you'd advise users about if they were shopping for an all-flash storage array? Continue Reading