JavaScript is turned off in your web browser. To take full advantage of Ribose features, please enable JavaScript and refresh the page.

Ribose becomes first cloud service provider outside Mainland China to complete CSA C-STAR Assessment on cloud security

24 June 2015 – Hong Kong / Guangzhou – Ribose has become the first cloud service provider (CSP) outside Mainland China to complete the Cloud Security Alliance’s (CSA) C-STAR Assessment, a newly established cloud security certification scheme with a focus on Greater China.

With this latest achievement, Ribose has become one of the first organizations – and the first Software-as-a-Service CSP – certified to C-STAR Assessment, and the world’s only CSP compliant to all three of CSA’s globally recognized cloud assurance programs in the Security, Trust and Assurance Registry (STAR) family: STAR Attestation, STAR Certification, and C-STAR Assessment.

C-STAR Assessment was jointly developed by the CSA and CEPREI Certification Body as a China-focused cloud security certification that harmonizes CSA’s Cloud Controls Matrix (CCM) with Chinese national standards. As a rigorous third-party assessment of a CSP’s security management, C-STAR Assessment aligns to Chinese information security requirements compliant to the following standards:

Raising the bar on established international standards, C-STAR Assessment consists of additional control requirements to those of STAR Certification and STAR Attestation, requiring 29 supplementary security and privacy controls on top of CCM 3.0.1. In particular, it requires organizations to respect and protect users’ privacy in accordance with internationally accepted privacy principles, as well as Chinese and international privacy laws and regulations, with explicit requirements on the personal-identifiable information (PII) lifecycle and risk assessments on PII.

Ribose was invited by the CSA and CEPREI to participate in the C-STAR Assessment pilot scheme based on its past participation in CSA STAR – as well as its previous collaboration with CEPREI in becoming the first CSP to complete the Hong Kong / Guangdong Cloud Security Assessment Scheme (HK/GD CSAC) pilot. Stemming from its involvement in the pilot scheme, Ribose assisted in translating C-STAR documentation and controls into English and providing feedback to the C-STAR scheme.

According to Jim Reavis, Co-founder and CEO of CSA, “We congratulate Ribose on becoming the first Cloud Service Provider outside Mainland China to complete the CSA C-STAR Assessment. As a pioneer in cloud security, Ribose has unquestionably demonstrated that Chinese and international cloud security standards are fully compatible. As the world's first CSP simultaneously certified to all three of our globally recognized assurance programs: STAR Attestation, STAR Certification, and C-STAR Assessment, Ribose has reinforced their commitment to protecting users by demonstrating their practices are triple-assured through independent validation. They definitely stand among industry role models for cloud security practices.”

“We believe C-STAR represents strong security assurance for cloud users,” said Aloysius Cheang, Managing Director APAC and the head of Standards Secretariat for the Cloud Security Alliance. “The certification process allows CSPs to simultaneously align to both international and Chinese standards, while achieving operational excellence through alignment of best practices and improved transparency. Using the CSA C-STAR Assessment, CSPs will be able to give customers greater peace of mind and a better understanding of their security management procedures.”

Mr. Zhao Guoxiang, Managing Director of CEPREI, China’s national certification body, explained, “C-STAR allows Chinese CSPs to demonstrate their commitment to cloud security, while also allowing foreign CSPs to demonstrate compliance with Chinese standards and regulations – giving them a competitive edge over other CSPs seeking to expand their operations in China. As China’s first internationally aligned cloud security assessment, C-STAR is being adopted by leading corporations including Ribose, Huawei and Bluedon – and has generated international interest from the cloud computing industry, demonstrating that Chinese and international cloud security standards are compatible and complementary.

“We would like to thank CEPREI and CSA for inviting Ribose to join the C-STAR pilot program,” said Ronald Tse, founder of Ribose. “In recent years, Asia has been a forerunner in the development of cloud security standards – with new standards being developed in Singapore, Hong Kong, Guangdong and now C-STAR, which is a nationwide Chinese standard. Based in Asia, Ribose was the first CSP to achieve Singapore’s Multi-Tier Cloud Security (MTCS, SS 584:2013) certification, where we achieved the highest security level, Level 3. We were also the first CSP to complete the HK CSAC scheme, as well as the first CSP outside mainland China to complete the C-STAR Assessment.”

Tse continued, “Ribose respects the development of regional cloud assessment schemes as each country has different cloud security requirements. Our platform is certified to multiple national, regional and international standards because we are committed to our users – wherever they are based. The need to collaborate is natural and universal.”

“Therefore, Ribose has adopted and advocates a ‘highest-bar’ approach to cloud security. By ensuring our cloud security meets the most stringent specified requirements, we are able to provide a higher level of security for all users,” concluded Tse. “Completing the C-STAR Assessment provides our international users with the benefit of tighter security oversight for greater peace of mind in working with colleagues around the globe.”

# # #

About Ribose

Ribose is a cloud collaboration platform that makes working together easy and fun while keeping your data safe. As the world’s first cloud service provider certified to MTCS (Multi-Tier Cloud Security), CSA STAR Attestation, CSA STAR Certification (Cloud Controls Matrix, CCM 3.0.1) and the first Software-as-a-Service platform to complete the CSA C-STAR Assessment, Ribose has been consistently awarded the industry's highest cloud security ratings year after year: the highest security tier, Level 3, in MTCS and the highest maturity level, Gold, in STAR Certification.

Ribose is also certified to ISO 9001, ISO 14001, OHSAS 18001, ISO/IEC 20000, ISO 22301, ISO/IEC 27001, ISO 50001, PAS 99, Cyber Essentials Plus, CDSA Content Protection Security (CPS) and AICPA Service Organization Control (SOC) standards, and approved by the UK Government’s G-Cloud program for government use.

Ribose is free to use: ribose.com.

About The Cloud Security Alliance

The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events and products. CSA’s activities, knowledge and extensive network benefit the entire community impacted by the cloud — from providers and customers, to governments, entrepreneurs and the assurance industry — and provide a forum through which diverse parties can work together to create and maintain a trusted cloud ecosystem. CSA has developed the definitive best practices for the industry, including the “Security Guidance for Critical Areas of Focus in Cloud Computing”, the “Cloud Controls Matrix”, “Top Threats to Cloud Computing” and 50 other cloud security research artifacts.

For further information, visit us at www.cloudsecurityalliance.org.

About CEPREI Certification Body

CEPREI Certification Body is the leading third-party certification body in China, having first introduced the concept of certification to China in 1979. Originating from the Inspection Division of the China Electronic Product Reliability and Environmental Research Institute (the Fifth Electronics Research Institute of the Ministry of Industry and Information Technology), the nation’s first scientific research organization engaging in product quality and reliability research, CEPREI operates in multiple jurisdictions around the world.

Accredited by CNAS (China National Accreditation Service), ANAB (ANSI-ASQ National Accreditation Board) and APMG International, its clients are well assured that their certifications are recognized worldwide.

For more information please visit: ceprei.org

###

 

Read More

Ribose becomes first cloud service provider to complete Hong Kong/Guangdong cloud security assessment and certification pilot scheme

Hong Kong/Guangzhou, 14 January 2015Ribose has completed the first Hong Kong/Guangdong cloud security assessment and certification pilot scheme.

Supported by the Hong Kong/Guangdong Expert Committee on Cloud Computing Services and Standards, the scheme is sponsored by the Economic and Information Commission of Guangdong Province (GDEI) and operated by Guangzhou-based CEPREI Certification Body. The Office of the Government Chief Information Officer (OGCIO) coordinates Hong Kong cloud service providers’ (CSPs’) participation in the scheme.

The scheme evaluates CSPs’ compliance with CEPREI’s newly developed cloud security management standard, based on international and China-specific information security and data protection standards, including: GB/T 22080-2008 (ISO/IEC 27001:2005), GB/T 22239-2008, GB/Z 28828-2012 and CSA’s Cloud Control Matrix 3.0.

Ribose represented Hong Kong as one of the participants in the pilot scheme, helping to improve standards and operational details, by drawing on its experience in cloud security compliance and best practices.

“We are pleased that Ribose, a pioneer in cloud security, participated in the pilot scheme. Given its small company size, Ribose’s achievement demonstrates its excellence in innovation,” remarked Victor Lam, the Acting Government Chief Information Officer of Hong Kong. “Ribose has shown Hong Kong’s strength as Asia’s leading digital city and our natural advantage in connecting China to the world.”

Liu Xiaoyin, Technical Director of CEPREI, commented, “As China’s first cloud security certification body, we believe regional cloud security standards must harmonize with international specifications. The fact that Ribose, a non-mainland-China-based company, has successfully completed the assessment demonstrates that Chinese and international standards are compatible and complementary.”

“Ribose was honored to participate in this cross-border cloud security assessment pilot,” said Ronald Tse, founder of Ribose. “As the first CSP to pass the assessment, Ribose demonstrated that our systems meet the highest international and Chinese information security standards. With our security focus, our customers in China can freely collaborate and innovate with confidence and peace of mind.”

# # #

About Ribose

Ribose is a cloud collaboration platform that makes working together easy and fun. A forerunner in cloud security, Ribose is the world’s first cloud service provider certified to CSA STAR using CCM 3.0.1 and MTCS. It is also certified to ISO/IEC 27001, ISO/IEC 20000-1, CDSA CPS and SOC standards, and approved by the UK Government’s G-Cloud program for government use.

Ribose is free to use: ribose.com.

About OGCIO

The Office of the Government Chief Information Officer of the Hong Kong Special Administrative Region Government provides leadership for the development of information and communications technology (ICT) within and outside the Government, and is responsible for ICT policies, strategies, programs and measures under the Digital 21 Strategy: ogcio.gov.hk

About CEPREI Certification Body

CEPREI Certification Body is the leading third-party certification body in China, having first introduced the concept of certification to China. Originating from the China Electronic Product Reliability and Environmental Research Institute (the Fifth Electronic Institute), the nation’s first scientific research organization engaging in product quality and reliability research, CEPREI operates internationally: ceprei.org

###

 

Read More

Ribose first to achieve CSA STAR Certification with new CCM 3.0.1 cloud security standard

Hong Kong, 17 November 2014 – Ribose has become the world’s first cloud service provider (CSP) to achieve STAR Certification from the Cloud Security Alliance (CSA) compliant to the latest Cloud Controls Matrix (CCM) 3.0.1 cloud security standard. Ribose is also the first CSP to have achieved two consecutive STAR Gold Certifications, indicating the maturity level of its security controls.

STAR Certification, the internationally-recognized cloud security certification program jointly developed by CSA and BSI, specifies comprehensive and stringent cloud security requirements on CSPs. Ribose’s latest certification was awarded by BSI, and Ribose is currently the only CSP worldwide with STAR Certification compliant to the CCM 3 family of cloud security standards.

“Users depend on the Ribose platform to work and innovate with others. By achieving compliance to the most comprehensive cloud security standard to date, users can rest assured relying on Ribose for their success,” noted Ronald Tse, founder of Ribose. “Receiving two consecutive Gold ratings testifies to our commitment in protecting users’ information and privacy to the greatest extent.”

David Horlock, Asia Pacific Managing Director of BSI, remarked, “In today’s connected world, cloud security and privacy are more important than ever. In becoming the world’s first organization certified to the latest cloud security standard CCM 3.0.1, Ribose has again demonstrated its commitment to protecting its users’ data by adopting world-class best practice in cloud security.”

“Cloud security is an ongoing matter, and CSA continuously updates the CCM and the STAR Certification program to address the latest concerns. As a pioneer in cloud security, Ribose is leading the industry by certifying to the CCM 3.0.1 cloud security standard, reinforcing its commitment to providing a safe, secure collaboration platform,” explained Jim Reavis, CEO of CSA.

Aloysius Cheang, Standards Secretariat and Managing Director APAC of CSA, said, “CCM 3.0.1 represents over a year of our work in addressing the latest cloud security concerns and industry best practices. In certifying to the latest cloud security standard, Ribose gives its users confidence that their information is well-protected.”

# # #

About Ribose

Ribose is a cloud collaboration platform that makes working together easy and fun. A forerunner in cloud security, Ribose is the world’s first cloud service provider certified to CSA STAR using CCM 3 and MTCS. It is also certified to ISO/IEC 27001, ISO/IEC 20000-1 and CDSA CPS standards, and approved by the UK Government’s G-Cloud program for government use.

Ribose is free to use: ribose.com.

About BSI

BSI (British Standards Institution) helps businesses turn best practices into habits of excellence. As the world’s first national standards body and a founding member of ISO, BSI’s standards inspire excellence across the globe: bsigroup.com.

About CSA

The Cloud Security Alliance is a not-for-profit organization led by a broad industry coalition. Dedicated to promote the use of best practices for providing security assurance within Cloud Computing, CSA also provides education on the uses of Cloud Computing to help secure all other forms of computing: cloudsecurityalliance.org­­.

###

 

Read More

Ribose awarded PAS 99 certification for integrated management systems

Ribose awarded PAS 99 certification for integrated management systems

Achieves internationally certified corporate governance and compliance management

Hong Kong, 17 June 2014 – Ribose has achieved PAS 99:2012 certification, the internationally accepted framework for integrated management systems (IMS).

Ribose is the first collaboration platform in the world and the first organization in Hong Kong to achieve this certification. Ribose’s IMS integrates its existing business continuity and information security management systems, satisfying both ISO 22301:2012 and ISO 27001:2013, the international standards for business continuity and information security, respectively.

Ribose’s certification was awarded by BSI (British Standards Institution), the originator of the PAS 99, ISO 22301 and ISO 27001 standards. Certification is awarded only after an independent accredited auditor has thoroughly checked all applications, systems, processes and services.

PAS 99 is a framework for integrating management systems built on different management systems standards (MSS). It specifies requirements for streamlining and managing MSSs, allowing for improved business focus, a more universal approach to risk mitigation and improved operational efficiency.

“Ribose is dedicated to providing our users with the highest standards of service. Achieving PAS 99 certifies that our management systems are tightly integrated – including our highly dynamic information security management system, which has been awarded numerous security certifications such as ISO 27001, CSA STAR and CDSA CPS,” explained Ronald Tse, founder of Ribose. “We believe the holistic approach is key to effective collaboration, and we’ve taken that to heart in integrating our management systems – which will augment service for all users.”

Emmanuel Herve, Managing Director of BSI Hong Kong, stated: “By achieving PAS 99 certification for its IMS, Ribose has again demonstrated its commitment to industry-leading corporate governance. The certified efficiency of its management systems allows Ribose to focus its resources on enhancing its platform, and delivering effective solutions to users.”

# # #

About Ribose

Ribose makes collaborating easy and fun. Whether planning business projects or social events, the Ribose platform helps users collaborate through world-class security certified to the highest standards, including ISO 27001, CSA STAR and CDSA CPS. Also available as part of the UK Government's G-Cloud program, Ribose is free to use: http://www.ribose.com.

About BSI

The British Standards Institution is the business standards company that helps businesses turn best practices of into habits of excellence. As the world’s first national standards body and a founding member of ISO, BSI is an organization whose standards inspire excellence across the globe: http://www.bsigroup.com

###

 

Read More

Ribose becomes world’s first collaboration platform to achieve ISO 22301 certification

Ribose becomes world’s first collaboration platform to achieve ISO 22301 certification

Proven commitment to business continuity and service availability

Hong Kong, 2 June 2014 – Ribose has become the world’s first online collaboration platform and the first organization in Hong Kong to achieve ISO 22301:2012 certification, upholding its steadfast commitment to the highest standards of availability for all users.

Certifying resilience against business disruptions and other exceptional events, ISO 22301 specifies demanding requirements for implementing, operating, maintaining and improving business continuity management systems. Certification requires an independent auditor assessment of all applications, systems, processes and services. Ribose’s certification is awarded by BSI (British Standards Institution), the originator of the ISO 22301 standard, and accredited by the United Kingdom Accreditation Service (UKAS).

According to Ribose founder Ronald Tse, “Users rely on the Ribose platform for their mission-critical collaboration needs, so the continuity and availability of our service are paramount. Our ISO 22301 accreditation is testament to our ability to maintain uninterrupted service – anytime, anywhere, under any circumstances.”

Emmanuel Herve, Managing Director of BSI Hong Kong, stated: “As the first collaboration platform to achieve ISO 22301 certification, Ribose has demonstrated its technical ability and dedication to assuring service continuity for its users. We commend Ribose for going the extra mile to test and verify its service availability through independent assessments and certifications, taking significant steps to ensure continuous access for all users.”

About Ribose

Ribose makes collaborating easy and fun. Whether planning business projects or social events, the Ribose platform helps users collaborate through enterprise-strength security certified to the highest standards, including ISO 27001, CSA STAR, and CDSA CPS. Also available as part of the UK Government's G-Cloud program, Ribose is free to use: http://www.ribose.com.

About BSI

The British Standards Institution is the business standards company that helps businesses turn best practices of into habits of excellence. As the world’s first national standards body and a founding member of ISO, BSI is an organization whose standards inspire excellence across the globe: http://www.bsigroup.com

Note: The term “certification” used here excludes unaccredited certifications.

###

 

Read More

Get Started

Getting Started