JavaScript is turned off in your web browser. To take full advantage of Ribose features, please enable JavaScript and refresh the page.

Our biking team won a trophy!

A huge congrats to our biking team, who brought home a gold trophy for having the best time at the Corporate category of Vitagreen Cycling Marathon Challenge 2015!

Read More

Ribose achieves world’s first CSA STAR Attestation from Ernst & Young: First CSP to achieve STAR Attestation and STAR Certification simultaneously

Hong Kong / Seattle / London, 14 January 2015 – Ribose has become the world’s first cloud service provider (CSP) to achieve Cloud Security Alliance's (CSA) STAR Attestation, and is currently the only CSP to have achieved both STAR Certification and STAR Attestation.

STAR Attestation provides a framework for Certified Public Accountants to express an opinion of key factors relating to CSPs’ service descriptions, as well as suitability and effectiveness of systems controls. Ribose’s achievement was accomplished through completing a Service Organization Controls (SOC) 2 attestation performed by global professional services organization Ernst & Young (EY), using criteria from the 2014 edition of American Institute of Certified Public Accountants' (AICPA) Trust Service Principles and Criteria (TSP 100) together with CSA’s Cloud Controls Matrix (CCM) 3.0.1.

According to Jim Reavis, CEO of CSA, “Our mission is to promote trust and transparency in the cloud, and STAR Attestation plays a key role in achieving this goal. As the first CSP to achieve STAR Attestation, Ribose has strengthened its position as a pioneer in cloud security – and also proven the tremendous value of demonstrating cloud security compliance through AICPA attestations with CCM. This is a major milestone for both Ribose and CSA.”

“This engagement is the first STAR Attestation globally, representing a significant achievement for Ribose, CSA and EY. In fact, our professionals had to develop new methodology to integrate the new CCM and TSP 100 standards in a streamlined attestation process,” explained Vincent Chan, Advisory Services Leader for EY Hong Kong and Macau. “EY was a natural choice for Ribose’s attestation as our partners were involved with the development of the STAR attestation scheme.”

Ribose founder Ronald Tse remarked, “Achieving STAR Attestation in conjunction with our existing STAR Certification is powerful, independent proof that Ribose provides the highest standards of security and availability – which means our users can rely on our platform to collaborate on valuable intellectual property and confidential data with peace of mind.”

# # #

About Ribose

Ribose is a cloud collaboration platform that makes working together easy and fun. A forerunner in cloud security, Ribose is the world’s first cloud service provider certified to MTCS, STAR Attestation and STAR Certification (CCM 3.0.1). It is also certified to ISO/IEC 27001, ISO/IEC 20000, CDSA CPS and SOC standards, and approved by the UK Government’s G-Cloud program for government use.

Ribose is free to use: ribose.com.

About CSA

The Cloud Security Alliance is a not-for-profit organization led by a broad industry coalition. Dedicated to promote the use of best practices for providing security assurance within cloud computing, CSA also provides education on the uses of cloud computing to help secure all other forms of computing: cloudsecurityalliance.org­­.

About EY

EY is a global leader in assurance, tax, transaction and advisory services. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. For more information, visit ey.com.

###

 

Read More

Ribose becomes first cloud service provider to complete Hong Kong/Guangdong cloud security assessment and certification pilot scheme

Hong Kong/Guangzhou, 14 January 2015Ribose has completed the first Hong Kong/Guangdong cloud security assessment and certification pilot scheme.

Supported by the Hong Kong/Guangdong Expert Committee on Cloud Computing Services and Standards, the scheme is sponsored by the Economic and Information Commission of Guangdong Province (GDEI) and operated by Guangzhou-based CEPREI Certification Body. The Office of the Government Chief Information Officer (OGCIO) coordinates Hong Kong cloud service providers’ (CSPs’) participation in the scheme.

The scheme evaluates CSPs’ compliance with CEPREI’s newly developed cloud security management standard, based on international and China-specific information security and data protection standards, including: GB/T 22080-2008 (ISO/IEC 27001:2005), GB/T 22239-2008, GB/Z 28828-2012 and CSA’s Cloud Control Matrix 3.0.

Ribose represented Hong Kong as one of the participants in the pilot scheme, helping to improve standards and operational details, by drawing on its experience in cloud security compliance and best practices.

“We are pleased that Ribose, a pioneer in cloud security, participated in the pilot scheme. Given its small company size, Ribose’s achievement demonstrates its excellence in innovation,” remarked Victor Lam, the Acting Government Chief Information Officer of Hong Kong. “Ribose has shown Hong Kong’s strength as Asia’s leading digital city and our natural advantage in connecting China to the world.”

Liu Xiaoyin, Technical Director of CEPREI, commented, “As China’s first cloud security certification body, we believe regional cloud security standards must harmonize with international specifications. The fact that Ribose, a non-mainland-China-based company, has successfully completed the assessment demonstrates that Chinese and international standards are compatible and complementary.”

“Ribose was honored to participate in this cross-border cloud security assessment pilot,” said Ronald Tse, founder of Ribose. “As the first CSP to pass the assessment, Ribose demonstrated that our systems meet the highest international and Chinese information security standards. With our security focus, our customers in China can freely collaborate and innovate with confidence and peace of mind.”

# # #

About Ribose

Ribose is a cloud collaboration platform that makes working together easy and fun. A forerunner in cloud security, Ribose is the world’s first cloud service provider certified to CSA STAR using CCM 3.0.1 and MTCS. It is also certified to ISO/IEC 27001, ISO/IEC 20000-1, CDSA CPS and SOC standards, and approved by the UK Government’s G-Cloud program for government use.

Ribose is free to use: ribose.com.

About OGCIO

The Office of the Government Chief Information Officer of the Hong Kong Special Administrative Region Government provides leadership for the development of information and communications technology (ICT) within and outside the Government, and is responsible for ICT policies, strategies, programs and measures under the Digital 21 Strategy: ogcio.gov.hk

About CEPREI Certification Body

CEPREI Certification Body is the leading third-party certification body in China, having first introduced the concept of certification to China. Originating from the China Electronic Product Reliability and Environmental Research Institute (the Fifth Electronic Institute), the nation’s first scientific research organization engaging in product quality and reliability research, CEPREI operates internationally: ceprei.org

###

 

Read More

Ribose receives Hong Kong’s first SOC 2 / 3 reports from Ernst & Young -- Compliant to newly released AICPA TSP 100 common criteria and CSA’s CCM

Hong Kong, 15 December 2014 – Ribose received its first Service Organization Controls (SOC) 2 and SOC 3 reports – as well as the SysTrust seal – from international auditing firm Ernst & Young (EY).

SOC 2 and 3 are widely recognized attestations, providing independent validation that companies’ internal controls comply with applicable American Institute of Certified Public Accountants’ (AICPA) Trust Services Principles and Criteria (TSP 100).

SOC 2 Type II is an internal control report regarding risks associated with organizations’ services, including detailed testing of controls. SOC 3 is intended for public consumption and includes fewer details than SOC 2.

TSP 100, newly released in 2014, supersedes TSP section 100A from 2009 and features a consolidated set of “common criteria” replacing previously separated principles: security, availability, processing integrity, and confidentiality. This standard applies to attestations after 15 December 2014.

Ribose and EY adopted the revised standard as early as permitted by the AICPA. Ribose’s SOC 2 Type II and SOC 3 reports are based on TSP 100 security and availability principles, together with controls from CSA’s newly launched Cloud Controls Matrix (CCM) 3.0.1.

In completing the attestation, Ribose received the first SOC 2 Type II report in Hong Kong; and became the first organization to receive SOC 2 / SOC 3 reports complying to both AICPA TSP 100 and CSA’s CCM. Ribose’s SOC reports are among the earliest reports utilizing AICPA’s new common criteria.

“This engagement represents a significant milestone for EY and Ribose. We successfully integrated into our existing attestation methodology these new standards and streamlined processes to achieve multiple certifications,” said Vincent Chan, Advisory Services Leader for EY Hong Kong and Macau. “Ribose chose EY as their attestation partner as we are familiar with their operating environment, and our EY professionals have extensive experience and knowledge of cloud operations and security.”

Ribose founder Ronald Tse explained, “Ribose is dedicated to helping people collaborate better; and the quality, security and reliability of our platform are paramount to achieving this goal. Our SOC 2 / 3 examinations demonstrate that we have appropriate controls in place to mitigate security and availability risks – meaning organizations faced with compliance requirements around sensitive data can fully leverage the Ribose platform.”

# # #

About Ribose

Ribose is a cloud collaboration platform that makes working together easy and fun. A forerunner in cloud security, Ribose is the world’s first cloud service provider certified to CSA STAR (CCM 3.0.1) and MTCS. It is also certified to ISO/IEC 27001, ISO/IEC 20000, CDSA CPS and SOC standards, and approved by the UK Government’s G-Cloud program for government use.

Ribose is free to use: ribose.com.

About EY

EY is a global leader in assurance, tax, transaction and advisory services. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. For more information, visit ey.com.

###

 

Read More

Ribose: World’s first cloud service provider certified to Multi-Tier Cloud Security standard achieves highest Level 3 security tier

Singapore/Hong Kong, 8 December 2014 – Ribose, the world’s first cloud service provider (CSP) certified to Singapore’s Multi-Tier Cloud Security (MTCS) program, has recently achieved the highest possible security tier: Level 3.

Initiated by the Infocomm Development Authority of Singapore (IDA) and launched by SPRING Singapore, the MTCS standard (SS 584:2013) specifies stringent security and operational requirements for CSPs, encouraging adoption of sound risk management and security practices. MTCS Certification specifies three tiers of security levels, with Level 3 being the highest. The Singapore Accreditation Council (SAC) has recently launched an accreditation program for MTCS Certification.

Ribose was the first CSP worldwide to achieve MTCS certification in June 2014 with a security tier of Level 1. Following a thorough evaluation by BSI (British Standards Institution), a participating Certification Body for the MTCS standard, Ribose has upgraded its certification to the highest security tier, Level 3 – indicating its platform is suitable for running high-impact workloads, serving business- and mission-critical purposes, and hosting sensitive information as well as highly confidential business data.

“Ribose is proud to be the first Software-as-a-Service (Saas) provider certified to the MTCS standard, and the first SaaS platform to achieve the coveted Level 3 security tier,” explained Ronald Tse, founder of Ribose.  “This is a major milestone for Ribose, confirming our platform’s government-approved security standards for handling users’ highly sensitive and confidential data.”

Owen Xu, General Manager of BSI Singapore, commented, “BSI takes pride in employing the most stringent auditing standards in the industry. With over 60,000 clients around the globe, our experts have audited many of the world’s largest companies and government organizations that require top-notch security. By achieving MTCS at Level 3, Ribose has demonstrated its platform’s security is indeed world-class.”

# # #

About Ribose

Ribose is a cloud collaboration platform that makes working together easy and fun. A forerunner in cloud security, Ribose is the world’s first cloud service provider certified to CSA STAR (CCM 3.0.1) and MTCS. It is also certified to ISO/IEC 27001, ISO/IEC 20000 and CDSA CPS standards, and approved by the UK Government’s G-Cloud program for government use.

Ribose is free to use: ribose.com.

About BSI

BSI (British Standards Institution) helps businesses turn best practices into habits of excellence. As the world’s first national standards body and a founding member of ISO, BSI’s standards inspire excellence across the globe: bsigroup.com.

###

Read More

Get Started

Getting Started