eCloudvalley gets ISO 27001 / ISO 27017 verification

In the upcoming cloud era, every business is looking forward to it, but many of them are also worried about the safety and the risks of cloud security services ,which makes them hesitated . It’s a big challenge for today’s cloud service providers to ensure that their systems and data are free from worries. In order to meet the high requirements of enterprise users for information security, eCloudvalley has recently been certified by SGS for ISO 27001, the information security management system certification, and eCloudvalley’s Atlas is the first cloud management platform certified by ISO 27017. 

How to choose a cloud service provider? 

Why the certifications of ISO 27001 and ISO 27017 are so important? According to Zhang Nisshin, senior operations director of Taiwan Inspection and Technology (SGS), explains that the companies who get ISO 27001 can help authorities and businesses reduce the threats and risks from internet , and meet the security requirements of employees and shareholders. 

However, ISO 27001 requires only general information security on the Internet, there is no specific reference to norms for cloud control projects; therefore, it is also important for cloud service providers to obtain ISO 27017 certification. The content is based on ISO 27002 standard of cloud security features for reference and compliance, such as virtualization management security, snapshot / other related information management and cross-border jurisdiction issues, are clearly defined in this certification. 

It is known that many famous cloud service providers in the world, such as Amazon and Google, have applied for ISO 27017 authentication and obtained certificates to prove their international standards of cloud service security, which shows the professional of eCloudvalley by accessing these two certifications. 

High data security, Atlas got ISO 27017  

For enterprises who have a great demand for cloud services, how to effectively maintain and manage cloud resources is not only painful and expensive. Therefore, eCloudvalley launched Atlas, a cloud-based management platform based on artificial intelligence, to meet the cloud management requirements of enterprise customers. Atlas is the first platform that pass ISO 27017 information security verification, and it has the functions of IT deployment management, financial management (cost and usage), disaster recovery management and IT automation by using the power of artificial intelligence to optimize management. 

eCloudvalley’s Product Manager ,Lin Bozhou , says that enterprise users can see the deployment of enterprise cloud resources on the platform, and whether the cloud infrastructure is abnormal. By using the integrated usage analysis report , they can understand the load status of each service, early response to possible risks. 

eCloudvalley is 100% dedicated to Amazon Web Services (AWS) as a professional cloud service provider, and the only Premier Partner in Greater China. Based on the cross-regional backup mechanism of Atlas platform, customers can use the platform’s automation capabilities to simplify the construction of remoting disaster recovery challenges, which can not only reduce the IT staff’s demand and the risk of error, but also meet the requirements of ISO 27017 for certification vendors to achieve data security and operational continuity. Lincoln says that the Atlas interface allows customers to easily manage when data and service systems need to be backed up or even backed up to different geographic regions around the globe, and provide rapid relocation when customer services are disrupted by events such as regional natural disasters. Ensuring that data can be restored in time to minimize the damage. 

In addition, Atlas platform can monitor the real-time cost of resources and manage cloud service costs for optimal using of resource. Platform equipped with artificial intelligence and big data analysis technology, which will automatically analyze the user records of resource usage in the past, and then predict the future trend. If the use of resources is abnormal, the system will alarm automatically so users can deal with it in time. 

eCloudvalley continuously ensures user cloud security environment 

When eCloudvalley assists clients in planning or setting up an information system, safety is a top consideration, many professional services such as Continuous Compliance and AWS environmental security testing are widely acclaimed by many customers. eCloudvalley maintenance service manager, Zhou Xuyi , takes continued compliance as an example. In the past, even enterprises set firewalls on their corporate networks, there was still a risk of hacker hacking, the reason is that 80% of the hacking activities are committed by employees in the company, they set the “back door” and use these security holes to steal information from it, and this is not easy to detect. 

If enterprises want to prevent this type of situation, they may have to spend a lot of cost to buy software to monitor, and eCloudvalley’s compliance cost is far lower than the traditional software, which ensure all customer settings and account won’t be moved suddenly without permission 

For example: 

(1) If someone changes a firewall setting or an account without permission, the system will automatically alarm and inform the difference 

(2) The customer may also choose to automatically restore the original setting if the system changes without permission and notify the manager. 

Take another example, a well-known television station in China is often threatened by hackers. This TV station, in cooperation with eCloudvalley, is optimized for the most important network settings: Security Group, Network Access Control List (NACL) and routing tables. Setting the security group so that the Original Server only accepts the connection from AWS CloudFront , which can prevent hackers from detecting the host location and then skipping CloudFront to directly attack the host. For the optimized environment configuration, the system will issue an alert and automatically restore when the security settings are changed by unauthorized employees or hackers.  

Zhou Xuyi continue to say that the security inspection system provided by eCloudvalley MSP Service can help customers check whether the AWS environment complies with Security Best Practice and enhance environmental safety. In the traditional room environment, the firewall settings all rely on the network engineer , if the engineer inadvertently or deliberately set the wrong rules, the enterprise is very difficult to detect, but with eCloudvalley detection system, you can view whether the firewall settings is too wick, and get the information of the loosening and possible security concerns, reminding customers to make timely action. 

In addition to the firewall rule detection described above, eCloudvalley’s security inspection system also checks whether the important service settings such as AWS account, S3 storage space, CloudTrail, snapshot backup, etc. are in the best way to help customers secure the system and improve service availability. In the trend of cloud computing for enterprises, whether cloud service providers can ensure users’ information security and maintain compliance will be an important consideration for enterprise selection. eCloudvalley is not only the only high-level partner in AWS Greater China, but also has achieved ISO 27001 and ISO 27017 dual verification, both in proving that the company can provide Cloud professional capabilities in line with international standards

2018-10-31T23:08:48+00:00 2017/11/15 |News, Security|