Answer:
<u>Compliance requirements of moving data and services into the cloud:</u>
In other to use cloud services, one has to comply or follow the rules of the service providers, the country of the location where these services are provided. All these are necessary for the safety of the data stored in the cloud.
Some countries, regions, often set up rules guarding usage and storing data in the cloud. So it is very important to be aware of this. For instance, some countries enforce data localization laws which make data of its citizen stored in the servers of the country. Here, the country has full protection over the data hosted.
There are also data sovereignty laws that give the country hosting the data a sort of authority to exercise in accordance with the law binding cloud data hosting in their region. This gives the country easy access to information in case of any legal means.
So, when choosing a cloud application, it’s important for an organization to select an application that will aid in cloud compliance and improve your security posture, not create more risk.
It is very important to first know which law is applicable to the country one is residing so as to comply with cloud usage to avoid fines and legal cases.
<u>Risks of moving data and services into the cloud</u>
It is good before using cloud services to know who could possibly have access to the data, if it is safe, how long could data be stored.
If there are unauthorized use of cloud services, the organization providing the service might not be aware of the safety of the hosted data which eventually decreases an organization's visibility and control of its network and data.
Data stored in the cloud could become incomplete, stolen, lost.
The client might not be able to control who else has access to the stored data.
Moving data and services into the cloud could become unattractive again as organizations could lose clients and revenue if clients' trust no longer exists.
