Via the new tool, customers can set up policies related to regulatory and business requirements — such as where data resides and how it’s protected, for instance. These policies can be applied to specific cloud workloads, regions, or zones in the Sovereignty Risk Profile tool, allowing users to track sovereignty requirements “in real time,” IBM Cloud product manager Janet Van said in a blog post, with “visibility into configurations, encryption posture, and environmental controls.”
It’s then possible to assess compliance and decide what workloads meet sovereignty requirements.
Tracking the factors that contribute to sovereignty is a challenge for many organizations, said Holger Mueller, vice president and principal analyst at Constellation Research. “It is very difficult, as you don’t know about the details of the stacks; sometimes, even the location of data is not fully transparent,” he said.
The Sovereignty Risk Profile “addresses many of the compliance-related requirements associated with data residency and encryption, while also tackling sovereignty from a resilience and concentration-risk perspective,” said Dario Maisto, senior analyst at Forrester.
Read the full article here
