JavaScript is turned off in your web browser. To take full advantage of Ribose features, please enable JavaScript and refresh the page.

Ribose achieves ISO/IEC 27017 cloud security certification

World’s first SaaS platform compliant to international cloud security standard

[Hong Kong] – 9 June 2016 – Ribose has become the world’s first Software-as-a-Service platform to achieve certification to ISO/IEC 27017, an international standard for information security controls specifically designed for cloud services. Published by the International Standards Organization (ISO) and the International Electrotechnical Commission (IEC), ISO/IEC 27017 is a Sector-Specific Standard within the ISO/IEC 27001 (Information security management systems) family.

The cloud offers immense benefits, allowing cloud service customers to utilize the exact amount of computing resources needed at any given time. However, due to the open nature of the cloud environment – which provides broad network access, rapid elasticity, self-provisioning functionality and resource pooling – cloud information security needs differ greatly from the traditional environment ISO/IEC 27001 was originally designed to protect.

Addressing the specific needs of cloud security, ISO/IEC 27017 builds upon ISO/IEC 27001 – providing additional controls and implementation guidance on architecture, technology and processes to ensure information security is well protected in the cloud. Taking into account that many cloud service providers are often customers of other cloud services, ISO/IEC 27017 also specifies implementation guidelines for both cloud service customers and cloud service providers, emphasizing each entity’s role in cloud security and protecting end users’ information.

“The ISO/IEC JTC1 SC27 committee, which creates and manages the ISO/IEC 27001 family of standards, first approved the proposal for a cloud security management standard proposed by Japan in October 2011. ISO/IEC 27017, having been through 5 years of dedicated work, was finally published in December 2015, provides a code of practice for information security management for cloud services. In achieving this certification, Ribose has demonstrated its commitment and effort towards protecting user information in the cloud," commented Tadashi Nagamiya, Secretary General of JASA, Japanese representative for ISO/IEC JTC1 SC27, and one of the original authors and proposer of ISO/IEC 27017.

As the first cloud service provider to achieve CSA CCM 3 compliance, CSA STAR Attestation and Singapore’s MTCS, Ribose was able to satisfy the recommendations set forth in ISO/IEC 27017 with its existing systems and processes.

Emmanuel Hervé, Vice President of Standards and Professional Services, BSI Asia Pacific, and Managing Director, BSI Hong Kong, remarked, “We commend Ribose’s dedication to protecting its users information to the highest standards. As the originator of the ISO/IEC information security management system standard, and the first certification body offering a robust certification program for ISO/IEC 27001 sector specific standards, BSI worked closely with Ribose and experts from ISO/IEC JTC 1 SC 27 in the development of the ISO/IEC 27017 certification scheme – ensuring our rigorous certification program accurately assesses adherence to the standard.” 

Ronald Tse, founder of Ribose, explained, “ISO/IEC 27017 certification clearly demonstrates Ribose’s unwavering commitment to cloud security. We are proud to be the world’s first cloud service provider to achieve simultaneous CSA STAR Certification, STAR Attestation and C-STAR Assessment together with ISO/IEC 27017. Although some overlap exists, ISO/IEC 27017 has proven to be complementary to our existing regional and global cloud security requirements.”

Tse continued, “Ribose has always maintained a tight reputation as a pioneer in cloud security. Our new ISO/IEC 27017 certification confirms we are deploying proper controls to secure our own platform, as well as to protect our customers’ data through the suppliers we rely upon to deliver our services.”

“By taking the highest bar approach to cloud security, Ribose gives users the peace of mind to freely create and collaborate on our platform – knowing their confidential information is protected by multiple international certifications to the highest levels of cloud security,” concluded Tse.

# # #

About Ribose

Ribose is the award-winning secure cloud collaboration platform that makes working together easy and fun while protecting users’ data with the highest, internationally certified levels of security. Trusted by regulated industries and users with heightened security needs, it is the world’s first cloud platform to achieve MTCS (Multi-Tier Cloud Security) and the only cloud service provider to be triple assured by the Cloud Security Alliance: CSA STAR Attestation, CSA STAR Certification (Cloud Controls Matrix, CCM 3.0.1) and CSA C-STAR Assessment. Ribose has been consistently awarded the industry's highest cloud security ratings: the highest security tier, Level 3, in MTCS and the highest maturity level, Gold, in STAR Certification.

Ribose has won numerous awards including the CSA APAC Enterprise Award for Security Innovation of the Year, Gold Stevie® Awards at the International Business Awards for Most Innovative Company in Asia and Best New Collaboration Service, and has been named a Red Herring Top 100 Global company.

Ribose is certified to ISO 9001, ISO 14001, OHSAS 18001, ISO/IEC 20000, ISO 22301, ISO/IEC 27001, ISO/IEC 27017, ISO/IEC 27018, ISO 50001, PAS 99, Cyber Essentials Plus, CDSA Content Protection Security (CPS) and AICPA Service Organization Control (SOC) standards, and approved by the UK Government’s G-Cloud program for government use.

Ribose is free to use: ribose.com.

About BSI

BSI (British Standards Institution) equips businesses with the necessary solutions to turn standards of best practice into habits of excellence. As the world’s first National Standards Body and a founding member of the International Organization for Standardization (ISO), BSI is responsible for originating many of the world’s most commonly used management systems standards and publishes over 2,700 standards annually.

Read More

Ribose at Singapore's CloudAsia 2016

Ribose is in Singapore for CloudAsia 2016!

Thanks to the kind invitation by the IDA, we have a booth at the Suntec Convention Centre (4/F), within the IDA Pavilion which is right at the front door.

We'll be around from May 3-5. Feel free to come say "hi"!

Read More

Ribose wins Security Innovation of the Year by Cloud Security Alliance APAC

[Hong Kong] – 21 January 2016 – Ribose has been named Security Innovation of the Year by the Cloud Security Alliance (CSA), the premier organization for the cloud security industry.

Ribose received the award at the CSA APAC Inaugural Awards Ceremony on 3 December 2015 in Guangzhou, China after careful appraisal of professionalism, excellence, innovation and measurable success by the judging committee. The prestigious award recognizes the very best in the technology industry, rewarding industry-leading organizations for innovation and performance in the cloud sector. Ribose was named Security Innovation of the Year alongside Trend Micro and DBApp Security, recognizing its genuinely innovative approach to cloud security.

Ribose is actively involved with the CSA on cloud security matters, with Ribose founder Ronald Tse a member of its International Standardization Council – which develops international standards relating to cloud security with multiple partners including the ISO/IEC JTC1 SC27, the group that created the ISO/IEC 27001 international standard for Information Security Management Systems. Since joining the CSA in 2013, Ribose has participated in multiple CSA research programs to promote and develop improved cloud security practices for both users and providers.

As a result, Ribose holds numerous cloud security “firsts” and heavily participates in multi-jurisdictional cloud security programs, believing the practice should be an industry standard as Cloud Security Providers (CSPs) must ensure the security of users’ data across geopolitical and regulatory borders.

A pioneer in cloud security, Ribose was the first CSP to adopt and promote CSA’s CCM 3 control framework, and the world’s first CSP simultaneously certified to all three of CSA’s cloud security assessment schemes: STAR Certification to the highest Gold maturity level, STAR Attestation and C-STAR Assessment. Ribose was the first organization worldwide to achieve CSA STAR Attestation and STAR Certification using CCM 3.0 and CCM 3.0.1; as well as the first Software-as-a-Service (SaaS) to achieve STAR Certification and C-STAR Assessment.

According to Jim Reavis, CEO and co-founder of the CSA, “We first invited Ribose to join CSA having seen their dedication to providing the best security protection to their users. As pioneers in cloud security, Ribose is leading the industry in pursuing security assurance for its users, and became the world’s first organization simultaneously certified to all three of CSA’s cloud security assessment schemes: STAR Certification, STAR Attestation and C-STAR Assessment. In naming Ribose as Security Innovation of the Year, we are recognizing its dedication to providing the highest level of security protection for users and its commitment to benefitting the entire cloud security industry through its work with the CSA.”

“Ribose serves as a leading example for CSPs in Asia, setting best practices in user security and privacy,” said Aloysius Cheang, Managing Director APAC and Standards Secretariat of the CSA International Standardization Council. “Asia is fast rising as the next hub of innovation in the technology space, and certified world-class organizations like Ribose are leading the charge. By using CCM extensively, and assisting in its development, Ribose has pioneered a high bar approach to cloud security – adopting a streamlined process that provides robust protection for all users.”

“Winning this recognition is a high honor for Ribose, as we work closely with many industry bodies like the CSA – the authority on cloud security. We are thrilled to win this honor, which stands as an external testament to our deep commitment to cloud security and the effectiveness of our approach and implementation,” explained Ronald Tse, founder of Ribose.

Tse continued, “CSA is the de-facto cloud security industry body, and their research has strongly influenced the cloud security industry as well as the most – if not all – cloud security standards used around the world today. As a corporate member of the CSA and a leader in cloud security, we strongly support the CSA’s work and have helped them to develop and drive industry standards, thereby improving confidence for both cloud providers and users around the globe.”

“As a collaboration platform, Ribose depends on the highest levels of cloud security to protect our users’ intellectual property. Knowing that their work is protected by award-winning, internationally certified levels of security gives our users the peace of mind to focus on their tasks at hand,” Tse concluded.

# # #

About Ribose

Ribose is the cloud collaboration platform that makes working together easy and fun while protecting users’ data with the highest, internationally certified levels of security. Triple-assured by the Cloud Security Alliance, Ribose is the world’s first cloud service provider certified to CSA STAR Attestation, CSA STAR Certification (Cloud Controls Matrix, CCM 3.0.1) and MTCS (Multi-Tier Cloud Security), and the first Software-as-a-Service platform to complete the CSA C-STAR Assessment. Ribose has been consistently awarded the industry's highest cloud security ratings: the highest security tier, Level 3, in MTCS and the highest maturity level, Gold, in STAR Certification.

In 2015, Ribose was selected as a Red Herring Top 100 Global company, joining a prestigious list of up-and-coming technology companies; won two Gold Stevie® Awards at the 2015 International Business Awards for Most Innovative Company in Asia and Best New Collaboration Service, and was also awarded the CSA APAC Enterprise Award for Security Innovation of the Year.

Ribose is also certified to ISO 9001, ISO 14001, OHSAS 18001, ISO/IEC 20000, ISO 22301, ISO/IEC 27001, ISO/IEC 27018, ISO 50001, PAS 99, Cyber Essentials Plus, CDSA Content Protection Security (CPS) and AICPA Service Organization Control (SOC) standards, and approved by the UK Government’s G-Cloud program for government use.

Ribose is free to use: ribose.com.

About The Cloud Security Alliance

The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events and products. CSA’s activities, knowledge and extensive network benefit the entire community impacted by the cloud — from providers and customers, to governments, entrepreneurs and the assurance industry — and provide a forum through which diverse parties can work together to create and maintain a trusted cloud ecosystem. CSA has developed the definitive best practices for the industry, including the Security Guidance for Critical Areas of Focus in Cloud Computing, the Cloud Controls Matrix, Top Threats to Cloud Computing and 50 other cloud security research artifacts.

For further information, visit us at www.cloudsecurityalliance.org.

Read More

Ribose achieves certification to ISO/IEC 27018 for cloud privacy protection

Award winning collaboration platform compliant to international cloud privacy standard

[Hong Kong] – 18 December 2015 – Ribose has achieved certification to ISO/IEC 27018, an international standard recently published by the International Standards Organization (ISO) that provides a code of practice for the protection of personally identifiable information (PII) in public clouds for PII processors.

Created as an extension of the ISO/IEC 27001 standard for information security management systems, ISO/IEC 27018 describes commonly accepted control objectives, controls and guidelines to ensure that PII data is adequately protected when processed by a cloud PII processor, providing a common compliance framework for CSPs operating in multinational markets. Based on the eleven privacy principles contained in ISO/IEC 29100, ISO/IEC 27018 specifies how to apply them within the ISMS framework for privacy protection in the cloud.

This certification means that data managed by Ribose will never be sold to a third-party for advertising, nor subcontracted to parties they may breach the integrity of users’ data. This also means that users retain full control of their data stored on Ribose, and that the company is transparent about where users’ data resides and how it is processed.

“The ISO/IEC JTC 1 SC 27 committee creates and manages the ISO/IEC 27001 family of standards, which includes ISO/IEC 27018 – Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors. In 2014, ISO/IEC published the 1st Edition of ISO/IEC 27018 which provides control guidelines in support of an information security management system as stipulated in ISO/IEC 27001. Ribose has extended considerable effort towards advancing protection of privacy in the cloud, as recognized through its successful completion of a formal review process in 2015, and is to be commended for all their efforts,” said Dale Johnstone, Vice-Convener of ISO/IEC JTC1 SC 27 / WG 1.

“BSI is the originator of the ISO/IEC 27000 family of international information security standards, of which ISO/IEC 27018 is a part. As a contributor to the ISO/IEC 27018 standard, we worked closely with Ribose and experts from ISO/IEC JTC 1 SC 27 – the subcommittee that developed the standard – to ensure our rigorous certification program accurately assessed their adherence to the standard. We commend Ribose’s commitment to protecting its users’ privacy, and appreciate the valuable feedback they provided during the pilot program,” said Emmanuel Hervé, Vice President of Standards Professional Services, BSI Asia Pacific and Managing Director, BSI Hong Kong.

“Ribose is proud to be the first CSP that provides ISO/IEC 27018-level privacy protection to all users – including paid and free users,” explained Ronald Tse, founder of Ribose. “Our certification demonstrates that ISO/IEC 27018 is complementary with existing global and regional cloud security standards, including CSA’s CCM and C-STAR, Singapore’s MTCS and Chinese national standards.”

“As a pioneer in cloud security and privacy, we apply a ‘highest bar’ approach to implement the most stringent, internationally-certified security standards across every jurisdiction where we operate: Hong Kong, US, UK/EU, Australia, New Zealand, Singapore and China. We believe that privacy is a right, not a luxury – and protecting our users’ data and privacy is paramount,” continued Tse.

Tse concluded, “In today’s connected world, privacy is more important than ever for collaborative work – which often includes confidential commercial data. With increasing amounts of sensitive information being stored in the cloud, the consequences of a data breach could be disastrous for organizations, users, and their data subjects. Privacy and security are the ultimate differentiators, and Ribose is certified to the highest standards in the world.”

# # #

About Ribose

Ribose is the cloud collaboration platform that makes working together easy and fun while protecting users’ data with the highest, internationally certified levels of security. Triple-assured by the Cloud Security Alliance, Ribose is the world’s first cloud service provider certified to CSA STAR Attestation, CSA STAR Certification (Cloud Controls Matrix, CCM 3.0.1) and MTCS (Multi-Tier Cloud Security), and the first Software-as-a-Service platform to complete the CSA C-STAR Assessment. Ribose has been consistently awarded the industry's highest cloud security ratings: the highest security tier, Level 3, in MTCS and the highest maturity level, Gold, in STAR Certification.

This year, Ribose won two Gold Stevie® Awards at the 2015 International Business Awards, where it was named Most Innovative Company in Asia and Best New Collaboration Service. It was also selected as a Red Herring Top 100 Global company, joining a prestigious list of up-and-coming technology companies; and awarded the CSA APAC Enterprise Award for Security Innovation of the Year.

Ribose is also certified to ISO 9001, ISO 14001, OHSAS 18001, ISO/IEC 20000, ISO 22301, ISO/IEC 27001, ISO/IEC 27018, ISO 50001, PAS 99, Cyber Essentials Plus, CDSA Content Protection Security (CPS) and AICPA Service Organization Control (SOC) standards, and approved by the UK Government’s G-Cloud program for government use.

Ribose is free to use: ribose.com.

About BSI

BSI (British Standards Institution) equips businesses with the necessary solutions to turn standards of best practice into habits of excellence. As the world’s first National Standards Body and a founding member of the International Organization for Standardization (ISO), BSI is responsible for originating many of the world’s most commonly used management systems standards and publishes over 2,700 standards annually.

Independently assessed and accredited globally by ANAB (ANSI-ASQ National Accreditation Board) and by over 26 other accreditation bodies around the world including UKAS (United Kingdom Accreditation Service), BSI is globally recognized as a champion of best practice.

For more information, please visit: bsigroup.com.

Read More

Ribose Wins Red Herring Top 100 Global Award

Joins prestigious list of global technology innovators with its secure cloud collaboration platform

[Hong Kong] – 24 November 2015 – Ribose has become the first secure cloud collaboration company to win an exclusive Red Herring 2015 Top 100 Global Award, joining a prestigious list of rising technology stars. Ribose’s platform democratizes collaboration technology – previously only affordable to large enterprises and government organizations – by putting world-class security and technology into the hands of all users, absolutely free.

This year’s Top 100 Global award had a particularly competitive lineup consisting of previous winners of the Top 100 Asia, Europe and North America awards over the past 3 years. Red Herring launched the Top 100 Global forum knowing the value of an international gathering where entrepreneurs, financiers, and corporate executives could meet and build meaningful relationships, both personal and professional, in a private and intimate setting.

Red Herring’s Top 100 Global is a prestigious recognition that recognizes the most promising private technology ventures from Asia, Europe and North America. The list has become a mark of distinction for up-and-coming companies and entrepreneurs, and Ribose joins prominent previous Top 100 Global alumni including Google, Facebook, Twitter, Skype, Salesforce.com, eBay and YouTube. This global award follows Ribose’s selection as winner of Red Herring’s Top 100 Asia in September 2015.

Every year, the Red Herring editorial team selects nominees for evaluation based on a number of quantitative and qualitative factors, including financial performance, technological innovation, quality of management, execution of strategy and integration into their respective industries. After presenting its secure cloud collaboration platform to judges at the Red Herring Global Forum held in Los Angeles, California on 17-19 November 2015, Ribose was named a winner of this year’s award.

Over the past year, Ribose became the world’s first cloud service provider triple-assured by the Cloud Security Alliance (CSA), having achieved all three of the CSA’s stringent assurance programs. Moreover, Ribose has created the world’s most extensive integrated management system certified to the PAS 99 standard, and become the first organization outside the UK to achieve ISO 9001:2015 certification and the world’s 2nd organization to receive ISO14001:2015 certification. Working to ensure the security of users’ information, the company also received certification to ISO/IEC 27018 for cloud privacy in September.

Ribose provides the world’s most stringent specified security requirements for all users by advocating a ‘highest-bar’ approach to cloud security and privacy. With its accessibility, dependability and security, the Ribose platform gives users the peace of mind to focus on their tasks at hand.

“It was a challenging task to select the ‘best of the best’ from the past 3 years’ winners,” said Alex Vieux, publisher and CEO of Red Herring. “After rigorous contemplation and discussion, we narrowed our list down from 1,200 potential companies to 200 finalists. The top 100 companies that were chosen should be extremely proud. Ribose - with its focus on cloud security, data privacy and management standards – distinguished itself from an extremely competitive field through its vision, drive and commitment to innovation.”

“Offering enterprise-strength collaboration technology with world-class security to all users, completely free of charge, Ribose has shifted the paradigm of the cloud collaboration space. Giving individuals and teams the tools to work seamlessly together beyond the constraints of time and physical location, Ribose has created a platform truly worthy of inclusion in Red Herring’s Top 100 Global – thereby joining a distinguished list of leaders and innovators in the technology industry,” said Anam Alpenia, Managing Director of Herring International.

Ribose founder Ronald Tse added, “Ribose is delighted to be named as a Red Herring Top 100 Global company following our inclusion in Red Herring’s Top 100 Asia list in September 2015. We stand humbled alongside the highly successful private companies at the competition this year, and truly appreciate the judges’ recognition of our mission to democratize secure cloud collaboration and the dedication of our team.

“As the world becomes more globalized; people become more interconnected; and innovation and inventions increasingly arise from multidisciplinary work that spans the globe. By facilitating teamwork and collaboration, Ribose is empowering entrepreneurs and inventors around the world to work together for the benefit of future generations,” explained Tse.

Tse concluded, “We’d like to thank Alex and the team at Red Herring for their vision and foresight in identifying the world’s most promising up-and-coming technology pioneers. This award is a source of great pride and encouragement to our team at Ribose, inspiring us to charge ahead with our mission of bringing world-class, highly secure collaboration technology to all of our users.”

# # #

About Ribose

Ribose is the cloud collaboration platform that makes working together easy and fun while protecting users’ data with the highest, internationally certified levels of security. Triple-assured by the Cloud Security Alliance, Ribose is the world’s first cloud service provider certified to CSA STAR Attestation, CSA STAR Certification (Cloud Controls Matrix, CCM 3.0.1) and MTCS (Multi-Tier Cloud Security), and the first Software-as-a-Service platform to complete the CSA C-STAR Assessment. Ribose has been consistently awarded the industry's highest cloud security ratings: the highest security tier, Level 3, in MTCS and the highest maturity level, Gold, in STAR Certification.

This year, Ribose won two Gold Stevie® Awards at the 2015 International Business Awards, where it was named Most Innovative Company in Asia and also Best New Collaboration Service; and was also named a Red Herring Top 100 Global winner, joining a prestigious list of up-and-coming technology companies.

Ribose is also certified to ISO 9001, ISO 14001, OHSAS 18001, ISO/IEC 20000, ISO 22301, ISO/IEC 27001, ISO/IEC 27018, ISO 50001, PAS 99, Cyber Essentials Plus, CDSA Content Protection Security (CPS) and AICPA Service Organization Control (SOC) standards, and approved by the UK Government’s G-Cloud program for government use.

Ribose is free to use: ribose.com.

About Red Herring

Red Herring is a global media company which unites the world’s best high technology innovators, venture investors and business decision makers in a variety of forums, including print, online and exclusive exclusive events for technology leaders around the globe. Red Herring provides an insider’s access to the global innovation economy, featuring unparalleled insights on the emerging technologies driving the economy.

Its Red Herring 100 awards for North America, Europe, Asia and Global have recognized more than 5,000 companies in their early stages, including Baidu, Google, eBay and Skype.

For more information, please visit: http://www.redherring.com.

###

Read More

Get Started

Getting Started