This certification was designed to provide a guide for cloud service providers to determine how to become more secure, and a guide for cloud customers in assessing the security aspects of their cloud service provider. iland’s achievement of the CSA Gold level designation means customers can be confident that iland is at the forefront of cloud security. This certification builds on iland’s Secure Cloud platform and services which, have advanced security features fully embedded and our compliance professional services team who guide iland customers through the process of ensuring cloud compliance to a broad range of industry regulations.
What certification processes did iland have to complete?
An accredited independent third party – the British Standards Institution (BSI) utilized the CSA auditing process, which is based upon completing both the ISO/IEC 27001 certification and additional criteria set out in the CSA Cloud Controls Matrix (CCM), to evaluate iland’s security controls. The benefit to being evaluated under this process versus other processes is that it is pre-mapped to other industry accepted frameworks, including HIPAA, PCI DSS, SOC2, ISO27001 and NIST. Once the evaluation was complete, the BSI scored iland’s security controls using a point based system that provides for more points for higher levels of organizational maturity. iland’s high level of maturity earned it enough points to be awarded the highest-level designation possible.
Why the Cloud Security Alliance?
The Cloud Security Alliance (CSA) is an international organization dedicated to improving cloud security, and one of the ways that it does this is by operating the CSA Security, Trust & Assurance Registry (STAR). STAR is a publicly accessible registry that allows for cloud providers that have received certifications from CSA to publish them so that potential customers can verify that the provider does indeed have the certification, and the registry is based on the CCM and the Consensus Assessments Initiative Questionnaire (CAIQ), the latter of which is an extensive control-based questionnaire that is designed to provide cloud provider customers with a core set of questions to ask a cloud provider before procuring their services.
How does this benefit iland customers?
The benefits of iland achieving the CSA Star Gold Certification for our customers include:
- Access – While an iland customer could view the certification itself on the CSA website the same way that the customers of other cloud service providers can, iland distinguishes itself from other cloud providers not only by providing both the auditor report and iland’s answered CAIQ in the iland Secure Cloud Console, but also by allowing its customers to view and download these documents at any time. This is invaluable when it comes to auditing time.
- Confidence – Customers can be confident that iland is constantly working on improving cloud security, and the CSA STAR Gold Certification validates this. They can also download the detailed documentation to prove their cloud security posture from the iland Secure Cloud Console at any time and provide this to their own customers to assure them. This is particularly important for channel partners or SaaS providers.
- Due Diligence – The CAIQ provides answers to many, if not most, of the most common questions in due diligence questionnaires, and customers have access to the information 24/7/365 on the iland Secure Cloud Console. This makes the evaluation process and the auditing and compliance processes much more straightforward and efficient.
- Transparency – The auditor’s report for the CSA STAR Gold Certification in the iland Secure Cloud Console will enable customers to see not only iland’s areas of strength, but also areas that iland has room to grow.