Security Certification

Druva Achieves SOC 2 Type II Certification for Cloud-Native Data Protection Solutions

Grazed from Druva

Druva, the leader in cloud data protection and information management, today announced that it has successfully completed the Service Organization Control (SOC) 2 Type II certification for its data protection solutions. This certification further assures customers that Druva has designed and implemented effective internal controls that maintain the confidentially and privacy of the data it processes. 

Today's enterprises are turning to modern, cloud-based solutions to reduce the risk, cost and effort of managing data. As they increasingly depend on service providers to manage mission-critical data, they are also increasingly looking for companies that can demonstrate adherence to the highest security and compliance standards. Obtaining this certification affirms that Druva's information security practices, policies, procedures and operations meet the SOC 2 standards for security, availability and confidentiality.

The Top 5 Vendor-Neutral Cloud Security Certifications of 2017

Grazed from TripWire. Author: David Bisson.

Many organizations migrate to the cloud because of increased efficiency, data space, scalability, speed and other benefits. But cloud computing comes with its own security threats. To address these challenges, companies should create a hybrid cloud environment, confirm that their cloud security solution offers 24/7 monitoring and multi-layered defenses, and implement security measures like encryption, data backups and identity access management (IAM).

Organizations can take their cloud security strategy one step further by hiring IT professionals with the proper certifications. These accreditations ensure your new employees are qualified to properly configure your cloud servers and secure your data. Coupled with the proper amount of experience, certified employees can serve as a crucial resource towards helping your company defend against a data breach...

Exploring the Certified Cloud Security Professional (CCSP) Certification

Grazed from GoCertify. Author: Mike Chapple.

Organizations around the world are quickly moving IT services to cloud computing platforms in an attempt to meet a wide range of business needs. From business organizations implementing a user-friendly and cost-effective SaaS platform for e-mail and calendaring to firms chasing wholesale adoption of infrastructure-as-a-service (IaaS), enterprise IT is clearly undergoing a radical transformation.

As services migrate to the cloud, there is high demand for security professionals experienced in adapting existing security controls to cloud environments. How can organizations gauge whether their existing security staff and potential hires have the knowledge required to operate effectively in a cloud-based environment?...

Cloud Security Alliance, (ISC)² Team Up on New Cloud Security Certification

Grazed from TheVarGuy. Author: Elizabeth Montalbano.

Cloud security remains a big concern for solution providers and vendors alike, which is one of the reasons why two leading industry organizations have collaborated to offer a new certification that will ensure VARs have the training and experience they need to properly secure their customers’ clouds.

The (ISC)² and the Cloud Security Alliance (CSA) are now offering the Certified Cloud Security Professional (CCSP) certification, which will require solution providers to have advanced skills required for cloud security. They also aim to establish an international standard for professional-level knowledge in the design, implementation and management of cloud environments, according to a Cloud Security Alliance press release...

Microsoft Corp achieves ISO cloud privacy certification

Grazed from FinancialPost. Author: Lynn Greiner.

Privacy is top-of-mind for many industries, especially when it comes to the cloud. Since the U.S. government began demanding access to cloud-based data from Microsoft’s Irish data centre, customers realized that they may not be safe from privacy violations even if their information is not resident in the U.S. Microsoft and other industry players have been fighting the demands, since they’re all placed in the awkward situation of breaking someone’s laws no matter what they do.

If they capitulate, the EU won’t be happy (nor will customers), and if they don’t, the U.S. government will be miffed. With lawyers. But Microsoft firmly believes that customers, not the cloud provider with whom they store it, own their data. To that end, it says it has become the first major cloud provider to adopt ISO/IEC 27018, the first global standard for cloud privacy, and Microsoft Azure, Office 365, and Dynamics CRM Online have been evaluated for compliance by the British Standards Institute. Additionally, Microsoft InTune has been verified by Bureau Veritas...

Read more from the source @

DoD hesitant on cloud despite AWS security certifications

Grazed from TechTarget.  Author: Editorial Staff.

Government bureaucracy remains slow-moving despite AWS security certifications that allow the cloud provider to host sensitive data.  Amazon Web Services (AWS) was the first public cloud to receive a provisional authorization from the Department of Defense (DoD) under the Defense Information Systems Agency's Cloud Security Model to host Level 3-5 workloads, in late August. Levels 3-5 refer to unclassified, but highly sensitive data. Level 6, which is still excluded from the provisional authorization, pertains to classified data.

Meanwhile, the DoD is methodical in deploying new technologies, said U.S. Air Force Brigadier General Steve Spano, who now works as Amazon's general manager for defense and national security, in a keynote here this week during the Cloud Computing Association's Cloud Developers Summit and Expo 2014...

Ribose first Cloud Service Provider to achieve Multi-Tier Cloud Security certification

Grazed from PRNewsWire. Author: PR Announcement.

Initiated by the Infocomm Development Authority of Singapore (IDA) and developed under the Information Technology Standards Committee (ITSC), the MTCS is a Singapore Standard (SS 584:2013) that specifies stringent security and operational requirements for CSPs to encourage adoption of sound risk management and security practices. The certification specifies three tiers of security certification, with level three being the highest. Ribose's level one MTCS certification was awarded after thorough evaluation by BSI (British Standards Institution), a participating Certification Body for the MTCS standard.

IDA Assistant Chief Executive Khoong Hock Yun said, "Cloud computing is a key enabler for Singapore's drive to become a Smart Nation. Security of the cloud is a critical concern answered by the Multi-Tier Cloud Security standard. We are heartened that global industry players have taken a keen interest in it and are signing on to adopt the measures."...