security · May 16, 2026 · 3 min read

Compliance modes: HIPAA, SOC2, GDPR-EU, FedRAMP as configuration

Each regime wants specific retention, audit, and erasure behavior. Enterprise compliance modes preset the whole posture, so the auditor's checklist maps to a flag.

Compliance work on infrastructure is usually translation labor: take a regime's controls, map each to scattered settings, document the mapping, defend it annually. The mapping rots as settings drift, and every audit re-litigates it. The fix is to make the regime itself the configuration unit.

Crowkis Enterprise ships compliance modes as presets: select HIPAA, SOC2, GDPR-EU, or FedRAMP posture and the relevant behaviors — retention rules, PII handling strictness, audit-log persistence and export, erasure workflow guarantees — are configured as a coherent set. The auditor's question 'how do you ensure X?' is answered with a mode name and the mode's documented contract.

[Figure: the write-trust pipeline. Five stages score every write before it can ever be served.]

The underlying machinery is the same trust-and-privacy stack every edition runs — the modes tighten and document it rather than bolting on a parallel system. That matters for honesty: compliance mode is the everyday engine with stricter dials, not a demo configuration that diverges from what actually serves traffic.

The bottom line

Regulated teams don't fear controls; they fear ambiguity about controls. Presets kill the ambiguity, and the audit meeting gets shorter — which, in compliance, is the entire definition of victory.