What are you looking for ?
Mobile Search Icon
Mobile Menu Icon
Infinidat
Articles_top

ISO 27701 Certification for Clumio Secure Backup-as-a-Service

Recognized privacy certification standard that parallels requirements

This is a Press Release edited by StorageNewsletter.com on January 21, 2021 at 2:15 pm

Clumio Inc. announced that lts secure backup as a service for the enterprise has achieved the ISO 27701:2019 Privacy Information Management System (PIMS) certification.

Clumio Authentic Saas

ISO 27701 is considered to be the first internationally recognized privacy certification standard that parallels the General Data Protection Regulation (GDPR) personal data collection, processing, and protection requirements. This latest privacy certification underscores the company’s commitment to proactive compliance, with the company’s completing 5 major privacy/security compliance programs in its first 18 months. One of the company’s prime competitive differentiators: its cloud-native architecture has allowed to ‘bake’ security capabilities into its SaaS platform.

While some companies are cobbling together compliance solutions, Clumio has made it a mission from day one to take a holistic and proactive approach to compliance,” said Glenn Mulvaney, VP, cloud operations and security,. “We began our ISO compliance work before we even had a public product, and have worked to stay one step ahead of our audit requirements, compliance reports, and certifications. We started with the correct compliance controls long before we entered the public market, meaning we didn’t have to ‘undo’ poor practices when it came to our product, our employees, and our processes. We built our platform and our organization to conform to key industry privacy and security standards from the start.

Clumio Architecture

The company was born in the public cloud, leveraging modern cloud capabilities – including more than 10 major AWS services – to ensure it meets and exceeds the backup, privacy, and security requirements of today’s most demanding enterprises. The firm recognizes that compliance and security are not interchangeable. As a result, information security best practices are built into the product architecture. The company‘s SaaS backup protects workloads such as VMware/VMware Cloud on AWS, Amazon Web Services (EC2/RDS/EBS), and Microsoft M365. As a SaaS platform, the firm has built upon AWS physical and environmental compliance controls. Companies that use company’s can be assured that their compliance requirements for data protection are satisfied.

Although there is no official GDPR checklist or certification, the firm‘s platform is built on ISO information security and privacy management system standards that also align with GDPR. This privacy-related certification confirms that Clumio’s product offerings contain processes and operations that have been validated through independent testing and support compliance with privacy laws and legislation, including GDPR and the California Consumer Privacy Act (CCPA).

Clumio access management
In addition to achieving the ISO 27701 certification, the company recently announced Clumio Access Management, a set of secure access management capabilities designed to provide corporate IT with more granular department and role-based access controls. Access Management encompasses authorization and authentication best practices that allow enterprise IT teams to provision by organizational unit, ensuring the right people have the right access to do their jobs.

Clumio Access Management

Clumio Access Management delivers:

  • Simplified experience: Configure asset/inventory grouping criteria for department administrators in organizational units. Any future assets that get added to the grouping criteria (such as Accounts for AWS or VMFolder for VMware) get assigned to the department administrator in that organizational unit automatically.

  • Zero trust security: Corporate IT teams in large enterprises or MSPs no longer need to have credentials of all data sources. They can add their department administrators or tenants respectively and then these administrators can add their respective data sources and ensure that visibility is restricted to their own department.

  • Contextual navigation: Corporate IT teams can easily change the context and ‘view’ everything as the department administrator. This helps both teams resolve issues very quickly.

  • Consistent data protection: Corporate IT teams can create reference policies that department administrators can use to protect their assets. They cannot modify such policies, but they can use this policy to provide consistent data protection across different data sources.

This first phase of Clumio Access Management is available. Future updates to Access Management will include the ability to create custom and/or pre-defined roles to allow select administrators to manage the actions that organizational unit administrators can perform in the Clumio portal.

Resources:
Blog: Clumio RansomProtect by Chadd Kenney, VP and chief technologist, Clumio
Demo of Clumio RansomProtect
More from AWS on Immutability and Air Gaps – Why it Matters for Data Protection
How Clumio is Reimagining Enterprise Backup

Read also :
Clumio RansomProtect Air-Gapped Ransomware Protection For Private/Public Cloud and SaaS
Connects with existing data center or public cloud infrastructure with no additional hardware or software.
December 25, 2020 | Press Release
Articles_bottom
AIC
ATTO
OPEN-E