ISO/IEC 27017:2015
ISO 27017 gives guidance on the implementation of information security controls for cloud service customers and cloud service providers. This standard recommends the implementation of cloud-specific information security controls that are additional to ISO/IEC 27001 and ISO/IEC 27002 standards.
LoginRadius is ISO 27017 audited and certified.
The LoginRadius ISO 27017 certification demonstrates our commitment to align with highly-recognized best practices in cloud services. It also ensures that we have a very precise information security management system that adequates to the cybersecurity requirements in our cloud services.
LoginRadius platform is 100% cloud-based. Protecting our infrastructure is paramount for us. Our processes and procedures follow cloud services best practices in the market, for example, the LoginRadius platform is hosted with multiple cloud service providers and in multiple regions, which ensures high availability in our services and the capacity of auto-healing in a few seconds. All our processes are reviewed continuously and a third-party and independent audit is performed at least once a year.
This standard provides controls and implementation guidance for both cloud service providers and our cloud service customers. ISO 27017 provides cloud-based guidance on controls in ISO 27001, it also includes more cloud controls that address the following:
- Who is responsible for what between the cloud service provider and the cloud customer
- The removal/return of assets when a contract is terminated
- Protection and separation of the customer’s virtual environment
- Virtual machine configuration
- Administrative operations and procedures associated with the cloud environment
- Cloud customer monitoring of activity within the cloud
- Virtual and cloud network environment alignment
