Robert Filepp, C. Adam, Milton Hernandez, M. Vukovic, Nikos Anerousis, Guanlai Zhang
{"title":"Continuous Compliance: Experiences, Challenges, and Opportunities","authors":"Robert Filepp, C. Adam, Milton Hernandez, M. Vukovic, Nikos Anerousis, Guanlai Zhang","doi":"10.1109/SERVICES.2018.00029","DOIUrl":null,"url":null,"abstract":"IT compliance is an area of increasing attention and capital spend in enterprise IT environments. We present \"Continuous Compliance\", a framework that allows a managed IT services provider to automate the overall process of keeping IT assets conformant with enterprise policies, regulatory frameworks, and other best practices. Our framework applies to all cloud layers and service models: Infrastructure-, Platform-, and Software-as-a-Service. We describe our framework design, its operation, and the post-process analytics and reporting. We also examine remediation reports gathered from over 2,000 servers for a seven month period, graph the incidence of repeated remediations, and explore some reasons for gradually subsiding remediations.","PeriodicalId":130225,"journal":{"name":"2018 IEEE World Congress on Services (SERVICES)","volume":"83 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 IEEE World Congress on Services (SERVICES)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SERVICES.2018.00029","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 4
Abstract
IT compliance is an area of increasing attention and capital spend in enterprise IT environments. We present "Continuous Compliance", a framework that allows a managed IT services provider to automate the overall process of keeping IT assets conformant with enterprise policies, regulatory frameworks, and other best practices. Our framework applies to all cloud layers and service models: Infrastructure-, Platform-, and Software-as-a-Service. We describe our framework design, its operation, and the post-process analytics and reporting. We also examine remediation reports gathered from over 2,000 servers for a seven month period, graph the incidence of repeated remediations, and explore some reasons for gradually subsiding remediations.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
