8 September 2016


Regulatory Compliance and Enterprise Communications: What to Know

Insider by Tom Collins

Business has moved to the cloud, and with evolving compliance regulations, enterprise-level companies face a continuing challenge: how to provide cutting-edge communication services to clients, staff, and partners without violating any compliance requirements. Here's what you need to know.

Is compliance with any rules required? The answer is most likely... yes.

Enterprises are required by the major standards to ensure that all of their operations, including those handled by their cloud service providers, are compliant with any applicable laws and regulations.

Three major standards in regulatory compliance are forcing businesses of every size to reconsider their infrastructure and security. Businesses are now subject to independent audits, and recent highly publicized cases have cost companies like Advocate Health Care and others millions of dollars in fines and recourse.

Compliance Regulations That Affect Enterprise Communications

HIPAA

The Health Insurance Portability and Accountability Act is the standard for the protection of consumers' health information, and any firm that deals with personal health data must have both physical and network security.

This federal law is enforced through large fines that can easily be avoided by choosing the right partner. Learn more about the importance of partnering with a HIPAA compliant data center here.

Sarbanes-Oxley

Sarbanes-Oxley, aka "SOX," was passed in an effort to protect consumers from accounting errors and fraudulent practices and to improve financial reporting in the enterprise. SOX is administered by the SEC and is strictly enforced. Sarbanes-Oxley tends to converge with IT and communications in two forms:

  • Human access - Requires controls be in place to restrict access immediately upon a change in employment status of employees and partners of financial firms who have access to data.
  • Data storage and archiving - SOX requires that business records, including electronic records and electronic messages, be saved for "not less than five years." Keeping these records on the cloud is the best method but requires a compliant partner.

PCI-DSS

If you are a merchant of any size, accepting credit cards is now subject to strict compliance measures. One of the more recent standards to go into effect, the Payment Card Industry Data Security Standard or PCI-DSS, is a set of security standards designed to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment.

The Top 4 Areas of Regulatory Compliance

Enterprises committed to regulatory compliance should consider the following four areas of compliance that are most stringent under current regulations.

To remain safely within the mandated guidelines, a compliant unified communications provider is often the best solution.

1. Physical Location

Enterprise firms, their partners, and subcontractors all require a compliant data center and hosting provider under HIPAA and other regulations. Physical safeguards within the data center protect assets and limit and protect access to hardware.

2. Disaster recovery

Compliant unified communications providers offer state-of-the-art disaster recovery and offsite backup of data, ensuring failures can be remedied and protected data recovered quickly. The FCC now requires major outages be reported. By partnering with a top-level provider, the enterprise protects itself.

3. Network security

The bottom line is that end-to-end security is required. In fact, many of these regulations were created to intensify the security around valuable personal and financial data. Private direct connections and high-level security can be ensured with compliant partners.

4. Data Archiving

Most of the regulations forcing change in enterprise communications require large-scale data protection. All methods of storing and transmitting data are protected against unauthorized access and massive archives of data can be stored securely in the cloud.

Compliance In Enterprise Communications

In addition to the four major compliance issues previously mentioned, enterprise communications must also consider these factors:

BYOD

Business has gone mobile, making "Bring Your Own Device" (and apps) part of the daily lexicon. Compliance-gone-mobile can be tricky, and employee restrictions and regulations that limit and monitor BYOD policies can help an enterprise remain compliant.

Cloud-Based Enterprise Applications

Enterprise content management and collaboration tools allow files, communications, and endless data to flow between locations and departments. By choosing a unified communications provider with top-notch security procedures, you can rest assured collaborating parties can transfer data and files with less opportunity for a breach.

Future Compliance

If you've been using a local compliant data center, that doesn't ensure an easy adjustment in the future. The volume of compliance demands is sure to tax the staff and resources of any department already tasked with network security.

Be certain current configurations and resources have the flexibility and bandwidth to adjust to new regulations.

Organizations of any size need to be aware of the incredible increase in compliance demands coming towards them so they can adjust as necessary and remain compliant.

At Atlantech, we provide top-level security and connectivity to ensure your communications are compliant. We act as your expert service provider to stay ahead of changes and allow you to react to changes that need to be made. If you are looking for a trusted partner you can rely on in the Washington, D.C. area, contact us today.






About the author:

Tom Collins is the Director of Enterprise Sales & Marketing for Atlantech Online. He has over 20 years of professional experience in the Internet Service Provider industry and is known for translating technology into positive results for business. A native of Washington, DC, and a graduate of the University of Maryland (degrees in Government & Politics and Secondary Education), Tom is also a five-time Ironman finisher.
