With Divio, you get a cloud PaaS with full cloud computing ISO compliance
Compliance in cloud computing is fully ensured with Divio’s clients. This goes from the infrastructure layer up through the management of the infrastructure and to the PaaS. Divio and the infrastructure providers handle the cloud security compliance for you.
Compliance in cloud computing protects you and protects your business.
Divio is certified for all three cloud computing ISO security standards:
ISO 27001: Information Security Management System
ISO 27017: Security Controls for Cloud Services
ISO 27018: Protection of Personally Identifiable Information
Established standards for critical operating principles and procedures
Assurance of the vendor’s constant, iterative training and adoption of cutting-edge compliance and security methods
Active protocols for handling information security management
Emergency action and contact plans ready in case of incidents
Methodical protections to prevent risky actions and ensure compliance in the cloud security by upstream and downstream vendors
Protect your business from a wide range of legal, financial, and reputational threats with Divio’s cloud security compliance.
Avoid reputational damage and lawsuits
Pre-empt employee concerns over information security, data protection compliance and how their data is handled
Evade outsiders trying to gain access to your company’s sensitive financial and market-critical information
Bypass potential threats caused by vendor negligence and mishandling of your data
The cloud security compliance of your vendors can either speed up client sign-up or slow it to a crawl
Confirm to clients that all of the vendors in your supply chain are ISO 27001 compliant.
Give assurances that their data will be proactively protected.
Close deals faster and bring in new customers who have higher compliance requirements.
Divio is part of a security and compliance shared responsibility model. That means Divio shares the responsibility for cloud security compliance with other vendors.
Your cloud infrastructure providers (for example, AWS, MS Azure and Google Cloud) have certifications and security audits that cover their section of the cloud infrastructure. They sit below Divio in the infrastructure model.
Divio builds its security and compliance on top of the cloud vendors. We are responsible for the compliance of the cloud infrastructure management layer and services, as well as the PaaS tools and features.
The only part of your cloud infrastructure compliance model that is not covered by Divio or the cloud infrastructure suppliers is your own applications. Your web applications’ contents and how you handle data within the application are your responsibility. But you will always be building upon the solid foundations of the shared responsibility model.