IT organizations striving to ensure compliance with HIPAA, Sarbanes-Oxley, BASEL II and similar regulations generally have a good grasp of the security considerations that apply to key hardware and software systems running in the cloud. They need to manage user authentication and access control, disk encryption, update planning and backup/restore. But there are high availability (HA) and disaster recovery (DR) considerations that may not be as obvious. Not only may there be a need to ensure that key systems are available no less than 99.99% of the time, but there may be a need to ensure that a DR infrastructure is in place to ensure continuity of operations in the event of a regional catastrophe that takes out the primary cloud infrastructure. While there are numerous options for configuring HA and DR solutions in the cloud, not all of them are suitable for solutions designed with regulatory compliance in mind.