Compliance frameworks for cloud security providers across globe

Many organisations have moved some or all of their IT to the cloud, but it’s resulted in unexpected costs, fragmentation, and a need for more security staff to monitor data, mitigate advanced threats and meet regulatory & compliance requirements.

Until few years ago – the mission critical data of an organization will be within walls (data center) and organization is accountable to ensure that they meet the regulatory and compliance needs. Technology has evolved and now security leaders ‘trust’ cloud to secure their data & for mobility requirements. (see related post – Security considerations while migrating business applications to cloud infrastructure)

But – How are you evaluating the CSPs (Cloud security providers) adherence to compliance frameworks despite the business are not restricted to specific region in the global economy. (See related post – NIST released the draft NICE Cybersecurity Workforce Framework (NCWF))

In this article, you’ll understand the various compliance frameworks that cloud security provider should stay up-to-date with the evolving industry standards across geographies with more than 1000 controls. Below are the country specific compliance requirements

United States

United Kingdom

European Union



  • China GB 18030
  • China MLPS
  • China TRUCS




New Zealand


With enforcement of the EU’s General Data Protection Regulation (GDPR) is just over a year away in May, 2018,  Adoption of cloud applications across the EU continues at a rapid clip, and the global nature of leading cloud applications means that protecting personal data and achieving data residency can be difficult to achieve. (see related post – Security regulatory compliance for telecom operators)

Organization can’t simply give-away on adherence to regulatory compliance requirements. This is an ongoing engagement for the cloud security providers to ensure that they conduct periodic 3rd party audit to ensure that the solutions meet the compliance and enable trust with the customers.