There are a number of ongoing efforts to establish standards and suggested best practices related to data privacy and security in a next generation environment. Eliminate fire drills.
These best practices are being viewed as a set of evolving guidelines for end customers to follow when performing a risk assessment against a dynamic infrastructure. Examples of ongoing initiatives are the Cloud Security Alliance (CSA) Federal Risk and Authorization Management Program (FedRAMP), Health Insurance Portability and Accountability Act (HIPAA) in the healthcare sector, Federal Information Security Management Act (FISMA) in the government sector, and the Common Assurance Maturity Model (CAMM) in Europe. These recommendations span facilities, networks, systems, applications, and data. Broadly, these guidelines resemble on-premise IT standards with greater emphasis on data-sensitive elements such as confidentiality, integrity, and availability of customer systems and data in a multi-tenant environment.