# Cloud Compliance: Protecting Your Data and Maintaining Trust

By [Chanchal Sutradhar](https://www.paloaltonetworks.com/blog/author/chanchal-sutradhar/?ts=markdown "Posts by Chanchal Sutradhar")

Jul 07, 2023

Over the last decade, we've seen a significant shift in the industry toward cloud computing, as many businesses opt to use cloud-native services. This shift has allowed organizations to take advantage of infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS) --- all of which deliver increased scalability, cost-effectiveness, flexibility and improved efficiency.

While customers use various cloud service providers, their primary concern remains data security. In the current landscape, failure is unacceptable, and noncompliance with regulations leads to stiff penalties. Most critically, noncompliance erodes customer trust, which businesses can't afford to lose.

## Cloud Compliance Defined

Cloud compliance refers to the process of ensuring that an organization's use of cloud-based services, resources and technologies adheres to relevant laws and regulations governing data privacy, security and management. Achieving cloud compliance helps organizations mitigate risks and protect sensitive information.

For example, the Payment Card Industry Data Security Standard (PCI DSS), which is used to ensure security for payments made with debit or credit cards, has requirements for cloud deployments. The same goes for the Health Insurance Portability and Accountability Act (HIPAA) in the healthcare industry.

## Ensuring Security in a Shared Responsibility Model

Security breach headlines continue to roll out, reminding us of the importance of cloud compliance. Consider the [Sina Weibo breach](https://www.zdnet.com/article/hacker-selling-data-of-538-million-weibo-users/), for example. After hackers infiltrated the social media platform, they sold the personal data of approximately 538 million users --- names, site usernames, gender, location, phone numbers --- on the dark web. U.S. voters took a hit with the S3 bucket breach that resulted in the [exposure of personal data of nearly 198 million Americans](https://www.forbes.com/sites/thomasbrewster/2015/12/28/us-voter-database-leak/?sh=1ba00aa85b98).
And just last month, [T-Mobile suffered its second data breach of 2023](https://arstechnica.com/information-technology/2023/05/t-mobile-discloses-2nd-data-breach-of-2023-this-one-leaking-account-pins-and-more/) after a data leak revealed the PINs, full names and phone numbers of over 800 customers.

Incidents like these often result from poorly implemented cloud compliance policies. It's imperative to realize that, while the foundational data infrastructure provided by the cloud service provider is secure, the customer assumes responsibility for data security and compliance assurance.

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2023/07/word-image-298080-1.png)

Figure 1: Simplified shared responsibility model for cloud security

Cloud service providers follow a shared responsibility model, where they take care of the security of the cloud infrastructure, including the physical data centers, network and hardware. But customers retain responsibility for securing their data and configuring compliance controls within the cloud services they use, such as S3 buckets, virtual machines or databases.

For example, when creating an S3 bucket on AWS, the default settings may not be compliant with specific regulations or security requirements. It's the customer's responsibility to configure the appropriate access controls, encryption, logging and other security measures to ensure the S3 bucket meets their compliance needs.

## Key Factors of Cloud Compliance

Implementing an effective cloud compliance policy is crucial for organizations to ensure the security and regulatory adherence of their cloud environments. Let's explore some of these key factors:

* **Compliance Governance**: Organizations should establish clear compliance objectives aligned with industry regulations and their specific business requirements. This includes understanding the data protection and privacy regulations that apply to their industry and ensuring compliance with those regulations.
* **Risk Assessment and Mitigation**: Conducting a comprehensive risk assessment helps identify potential security risks and compliance gaps. Organizations should evaluate potential threats, vulnerabilities and associated risks to their cloud environment. This assessment helps in prioritizing security controls and taking necessary steps to mitigate identified risks.
* **Policies and Procedures**: Developing well-defined and documented policies and procedures is essential. These policies should cover areas such as access controls, encryption, data handling, incident response and data breach notification. Regularly review and update these policies to ensure they reflect the current regulatory landscape and emerging threats.
* **Monitoring and Auditing**: The continuous monitoring of the cloud environment helps identify and rectify any noncompliance issues or security incidents promptly. Implementing robust monitoring solutions can detect anomalies, unauthorized access attempts, or policy violations. Regular audits assess the effectiveness of security controls and pinpoint areas for improvement.
* **Incident Response and Remediation**: Develop an incident response plan that outlines the steps to take in the event of a security incident or data breach. Ensure the plan includes procedures for containment, investigation, notification and recovery. Regularly test and update the plan to address emerging threats and lessons learned from previous incidents.

## The Role of Prisma Cloud in Cloud Compliance

Prisma Cloud provides the [industry's broadest security compliance coverage](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud-compliance) for infrastructure, workloads and applications throughout the development lifecycle and across hybrid and multicloud environments.
Helping executive teams and security engineers effectively manage and maintain compliance, Prisma Cloud provides the following capabilities:

**Continuous Monitoring**

Prisma Cloud continuously monitors cloud resources and assesses their compliance status in real time. It automatically detects changes that impact compliance and can alert security teams to take corrective actions.

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2023/07/word-image-298080-2.png)

Figure 2: Urgent risk and incident details

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2023/07/word-image-298080-3.png)

Figure 3: Alert information based on different policies

**Granular Visibility**

Prisma Cloud offers granular visibility into cloud resources, providing detailed information about individual assets and their compliance status. This allows security teams to drill down into specific assets to understand the exact reasons behind noncompliance.

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2023/07/word-image-298080-4.png)

Figure 4: Different compliance posture details with Passed and Failed asset count

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2023/07/word-image-298080-5.png)

Figure 5: Failed asset details of one of the secure control framework compliance

**Compliance Reporting**

Prisma Cloud generates compliance reports that provide a comprehensive view of the compliance status of assets in the cloud environment. These reports highlight noncompliant resources, misconfigurations and policy violations, enabling organizations to identify and address compliance gaps.

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2023/07/word-image-298080-6.png)

Figure 6: Granular compliance information with asset details in graph format

**Remediation Recommendations**

Prisma Cloud provides actionable recommendations and remediation steps to address compliance issues. It suggests specific configuration changes or security controls that organizations should implement to bring assets into compliance with industry regulations and organizational policies.

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2023/07/word-image-298080-7.png)

Figure 7: Recommendation steps for a policy

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2023/07/word-image-298080-8.png)

Figure 8: Remediation command details

Prisma Cloud helps customers to achieve and maintain compliance within their cloud environments. Significant regulations supported by Prisma Cloud include:

1. **CIS Controls**: Prioritized safeguards known as CIS Controls help to counter the most common cyberattacks against systems and networks. Derived from the consensus list of security controls, CIS Controls are considered by security experts to be the top defensive techniques to prevent data breaches and lessen the damage caused by cyberattacks.
2. **NIST Cybersecurity Framework**: The Framework outlines various methods for data protection, contributing to a more secure organization. It employs a consistent procedure to ensure assets are adequately shielded from malicious actors and code. Ideally, the Framework comprises five steps: identify, protect, detect, respond, recover.
3. **ISO/IEC 27001**: Recognized globally as the standard for information security management systems (ISMS), ISO/IEC 27001 is essential. Any company handling sensitive data should seriously think about incorporating [ISO 27001](https://hyperproof.io/iso-27001/) into their compliance portfolio.
4. **HITRUST CSF**: The healthcare sector generally drives and controls HITRUST enforcement, while HIPAA establishes specific consequences for data security violations. The industry, including hospitals and payers requiring certification, has seen swift adoption of HITRUST, and it is gaining ground as an expectation for service providers and vendors.

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2023/07/word-image-298080-9.png)

Figure 9: CIS control v8 compliance requirement details containing different policies mapped to it

Bottom line: Cloud compliance is a crucial aspect of adopting and using cloud services securely and responsibly. It involves adhering to regulatory requirements, industry standards and best practices to ensure the protection of sensitive data and build trust with customers.

## Achieve Compliance from a Single Solution

Get real-time and historical views into your compliance status for hosts, containers and serverless functions with Prisma Cloud. Start your free [30-day test drive](https://www.paloaltonetworks.com/prisma/request-a-prisma-cloud-trial) today --- and learn how customers have used [Prisma Cloud to improve the security posture](https://www.paloaltonetworks.com/resources/ebooks/customer-spotlight-visibility-and-compliance) of their organizations.
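As an added example (not from the original article and not Prisma Cloud code), the S3 bucket case from the shared responsibility section can be written as an offline check of the access controls, encryption and logging the customer has to configure. The input dictionaries are constructed samples shaped like the responses of the S3 GetPublicAccessBlock, GetBucketEncryption, GetBucketLogging and GetBucketPolicy APIs; `audit_bucket`, the bucket names and the finding codes are this example's own.

```python
import json

# The four Block Public Access flags returned by S3 GetPublicAccessBlock.
PAB_FLAGS = ("BlockPublicAcls", "IgnorePublicAcls",
             "BlockPublicPolicy", "RestrictPublicBuckets")


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _is_wildcard(principal):
    """True for Principal "*" and for {"AWS": "*"} or {"AWS": ["*", ...]}."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS", []))
    return False


def public_statements(policy_json):
    """Sids (or "#index") of Allow statements open to anyone with no Condition.

    Simplification: a wildcard Allow that has a Condition is not flagged here
    and still needs manual review.
    """
    if not policy_json:
        return []
    statements = _as_list(json.loads(policy_json).get("Statement", []))
    return [s.get("Sid", f"#{i}") for i, s in enumerate(statements)
            if s.get("Effect") == "Allow" and _is_wildcard(s.get("Principal"))
            and not s.get("Condition")]


def audit_bucket(cfg, allowed_sse=("AES256", "aws:kms", "aws:kms:dsse")):
    """Return finding codes (this example's own names) for one bucket config."""
    findings = []
    pab = cfg.get("PublicAccessBlockConfiguration") or {}
    missing = [flag for flag in PAB_FLAGS if pab.get(flag) is not True]
    if missing:
        findings.append("PUBLIC_ACCESS_BLOCK:" + ",".join(missing))
    rules = (cfg.get("ServerSideEncryptionConfiguration") or {}).get("Rules", [])
    algos = {r.get("ApplyServerSideEncryptionByDefault", {}).get("SSEAlgorithm")
             for r in rules}
    if not algos & set(allowed_sse):
        findings.append("DEFAULT_ENCRYPTION")
    if not (cfg.get("LoggingEnabled") or {}).get("TargetBucket"):
        findings.append("ACCESS_LOGGING")
    findings += ["PUBLIC_POLICY:" + sid
                 for sid in public_statements(cfg.get("Policy"))]
    return findings


# Constructed sample configurations (not taken from the article).
BUCKETS = {
    "example-open-bucket": {
        "PublicAccessBlockConfiguration": {
            "BlockPublicAcls": True, "IgnorePublicAcls": True,
            "BlockPublicPolicy": False, "RestrictPublicBuckets": False},
        "Policy": json.dumps({"Statement": [{
            "Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::example-open-bucket/*"}]}),
    },
    "example-hardened-bucket": {
        "PublicAccessBlockConfiguration": dict.fromkeys(PAB_FLAGS, True),
        "ServerSideEncryptionConfiguration": {"Rules": [
            {"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "aws:kms"}}]},
        "LoggingEnabled": {"TargetBucket": "example-log-bucket",
                           "TargetPrefix": "s3-access/"},
        "Policy": json.dumps({"Statement": [{
            "Sid": "DenyPlainHttp", "Effect": "Deny", "Principal": "*",
            "Action": "s3:*",
            "Resource": "arn:aws:s3:::example-hardened-bucket/*",
            "Condition": {"Bool": {"aws:SecureTransport": "false"}}}]}),
    },
}


def audit_all(buckets=BUCKETS):
    return {name: audit_bucket(cfg) for name, cfg in buckets.items()}


if __name__ == "__main__":
    for name, findings in audit_all().items():
        print(name, "PASS" if not findings else findings)
```

Passing `allowed_sse=("aws:kms",)` tightens the encryption check for a policy that requires KMS-managed keys.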