We are happy to announce the availability of Sovereign Cloud Compliance pack for Aria Operations for our Sovereign Cloud Partners as on 31st January 2023. Introduction of the sovereign cloud compliance pack allows VMware sovereign cloud providers an extended ability to maintain their sovereign posture and allows them to expand their services in to the regulated industries.
Why is Sovereign Cloud important?
Data sovereignty has become more stringent than ever before due to the changing geopolitical landscape really affecting the control of data. With various national and state governments initiating new and/or strengthening existing data sovereignty laws and regulations, regulated enterprises and government agencies must find ways to make this work to innovate their local economies without comprising sovereignty and digital innovation.
This rapid evolution in the regulations governing data protection is something that organizations feel most difficult to keep up with as per an IDC study.
The risk of non-compliance is huge and have multifaceted impact on business. Read how Data Privacy and Sovereignty impact business. As of May 2022, reportedly, over 900 fines have been issued for GDPR violations, the largest of which topped $877 million (746 million Euro) The penalty for noncompliance can be steep, with fines of up to 20 million Euro (or 4% of worldwide turnover from the prior financial year).
This has changed the way customers approach data privacy and security and prefer cloud solutions that provide complete jurisdictional control and authority over data. The primary prerequisite of a cloud customer today is to safeguard data, secure access to the right parties, ensure complete compliance with all state, national and global regulatory requirements, as well as have a continuous compliance monitoring for data sovereignty and governance on an ongoing basis.
How does VMware help?
VMware Sovereign Cloud, which is built on the five pillars of sovereign framework: Sovereign ownership, jurisdictional control, data residency, operations and management and compliance and data security, helps Cloud Providers meet the requirements and offer cloud services that meets the compliance standards and opens opportunities for Cloud Providers by securely expanding into regulated industries like BFS, healthcare and government services.
VMware sovereign clouds offer trusted, local cloud infrastructure built on the 20-point Sovereign principles across five pillars to help cloud providers offer a compliant, comprehensive, secure, and modern platform to their customers.
With VMware Sovereign Cloud and Aria Operations, both partners and customers can get the best of both worlds – to operate in a safe and secure environment, while meeting the Sovereign Cloud compliance requirements through continuous compliance monitoring and alerting.
What is the Sovereign Cloud Compliance pack ARIA Operations?
In this version of the release, we announce the first version of the sovereign cloud compliance pack for ARIA Operations for our Cloud Providers. We have carefully curated a comprehensive compliance checklist that encompasses the sovereign framework as a benchmark and continuously validates applications and infrastructure to help partners maintain their sovereignty posture. This brings in extended capabilities to ARIA Operations, which now addition to the capacity, cost and performance monitoring will monitor and report compliance drifts to the right stakeholders to better manage their compliance structure.
A comprehensive dashboard that alerts and displays compliance score – The number of objects that are non-compliant – along with object level breakdown and the critically of violation associated with the alert.
We can see an example of an alert here, with the listed violations.
Object Level Reporting
The sovereign cloud compliance pack brings better control and visibility across a large array of objects. Users can dive into these alerts to see observed in the Cloud Providers’ environment. The solution alerts users when there are misconfiguration or violations of the sovereign benchmarks detected.
Generate and share compliance reports
Partners can generate Org level reports from the UI. These reports can be scheduled and shared with their tenants for remediation and other purposes. Tenants can access these reports through VMware Chargeback.
How to Install?
Installing the pack is quite straight forward. Users need to follow few simple steps to enable the Sovereign Cloud Compliance pack.
First, download the Sovereign Cloud Compliance pack for Aria Operations from the VMware Marketplace here.
As a pre requisite, you need to have the Aria Operations Management pack for VCD 8.10.2, get it here.
You then need to configure the needed adapters (vSphere, NSX-T, VCD and VCDA). This allows the compliance pack to access these endpoints to monitor.
Once these are in place, you can enable the auto populated Sovereign Cloud Compliance tile from the Compliance tab on the right-hand side
You will be asked to select & enable policies. Once enabled successfully, you will be able to view the compliance dashboard automatically. You can access the compliance dashboard by accessing the compliance tab (2) by clicking the Optimize (1) option.
Pricing and Support
The sovereign Cloud compliance pack comes with “NO ADDITIONAL COST” to our partners. For compatibility between products, please refer to the VMware Product Interoperability Matrices. Partners need have either Aria Operations Advanced or Enterprise to support the pack.
As next steps, please our documentation page for more details. Watch the quick product demo. For more information and feedback kindly reach us on our Slack Channel or leave a reply.