CPC G06F 21/6218 (2013.01) [G06F 16/214 (2019.01); G06F 21/6245 (2013.01); G06Q 10/06393 (2013.01); G06Q 30/018 (2013.01); H04L 67/10 (2013.01); G06F 3/0482 (2013.01)] | 22 Claims |
1. An article of manufacture comprising:
a non-transitory machine-readable storage medium that provides instructions that, if executed by a set of one or more processors, are configurable to cause the set of processors to perform operations comprising,
combining compliance assessment metrics in a subset of two or more compliance assessment metrics to form a combined compliance assessment metric, wherein each compliance assessment metric in the subset reflects a level of compliance of a set of rules with a different type of data privacy and/or data security laws, regulations, and/or policy, wherein the set of rules are to manage personal data in an organization instance of a customer of a cloud-based software provider capable of hosting the organization instance in one or more datacenters in a plurality of different geographic regions, wherein the combining includes setting the combined compliance assessment metric to:
a first tier when each of the compliance assessment metrics in the subset are in a first state,
a second tier when a first compliance assessment metric and a second compliance assessment metric of the subset are in the first state, but a third compliance assessment metric of the subset is in a second state, and
a third tier when the first compliance assessment metric or the second compliance assessment metric of the subset is in the second state;
gating an ability to migrate the organization instance from a first geographic region of the plurality of different geographic regions to a second geographic region of the plurality of different geographic regions based on the combined compliance assessment metric, the gating including:
causing a migration only after a user affirms acceptance of a risk of migration when the combined compliance assessment metric was set to the second tier, and
preventing the migration when the combined compliance assessment metric was set to the third tier; and
causing the display of a dashboard, which is part of a data policy compliance service provided by the cloud-based software provider, including at least the combined compliance assessment metric.
|