JavaScript is turned off in your web browser. To take full advantage of Ribose features, please enable JavaScript and refresh the page.

Ribose Achieves Cloud Industry’s First Kitemark for Secure Digital Transactions

World's first collaboration platform certified to rigorous application security by BSI

Hong Kong – Ribose has become the world's first cloud Software-as-a-Service platform to achieve BSI's prestigious and highly selective Kitemark for Secure Digital Transactions, which certifies applications to ensure they have the appropriate security controls in place to handle highly sensitive information online through rigorous security testing.

Confidential financial and personal information is increasingly stored and shared, yet services themselves are subject to continuous threats and attacks at all times. According to PwC, 90% of large organizations have already suffered data breaches, and it is imperative for organizations to protect their own confidential information in the cloud through appropriate security.

Protection is especially necessary for collaborative data, which often contain the most valuable, yet most vulnerable assets of the organization – intellectual property, trade secrets or personal information about customers and employees, patient health information, and financial information.

BSI's Kitemark for Secure Digital Transactions is the most rigorous security testing program available to date that validates and evaluates the security of individual applications. Initially piloted by the banking industry, it is the latest member of the BSI Kitemark family, a symbol of trust and product quality that was first granted in 1903 and is highly recognized worldwide. BSI has also long been a pioneer in information security, being the originator of the international information security management system standard, ISO/IEC 27001.

An application certified to this Kitemark demonstrates rigorous validation to banking-grade security, as well as data protection measures of the organization that developed and operates the application, confirming it has been thoroughly tested and meets recognized standards for security, reliability and quality.

In order to receive the Kitemark for Secure Digital Transactions, the application or service must achieve three key criteria. First, a secure service must be developed and operated within a secure environment that emphasizes organizational security and process integrity. This criterion is best validated by requiring the organization itself to achieve and maintain certification to ISO/IEC 27001, covering all parts relating to the service and sensitive information it handles, including application development, infrastructure operations and transaction processing.

The second tenant of the Kitemark for Secure Digital Transactions is to achieve validation of application security, which requires the service to undergo rigorous internal and external penetration tests to the highest levels, ensuring there are no known significant vulnerabilities or security flaws. The application security tests are performed by a world-class, CREST-certified security team with over 30,000 hours of penetration testing experience, to the OWASP ASVS v2.0 standard – the most stringent in industry. Under Level 2 verification, Ribose is tested against 147 application security controls covering all facets of application security through black box and white box testing, from business logic to cryptography, static analysis to OWASP Top 10 vulnerabilities. This assures that the Ribose platform provides security assurance for significant transactions, including those that process healthcare information, implement business-critical or sensitive functions, or process other sensitive assets.

The third criterion is continual independent monitoring and assessment to ensure the security profile of the service provides assurance to the types of data it handles, including ongoing application security tests, organizational security audits, as well as Kitemark compliance audits and risk assessments.

According to Chris Lewis, Certification Director at BSI, "With a shift towards mobile and cloud computing, information security is increasingly becoming a key differentiator. Many organizations have good information security processes established but to achieve the BSI Kitemark for Secure Digital Transactions, their systems have to be regularly and independently tested with stringent penetration tests and monitoring. For Ribose to be first to achieve the BSI Kitemark for Secure Digital Transactions in the cloud industry, it reinforces their commitment to safeguarding their users' private information in their secure cloud services."

Emmanuel Hervé, Vice President of Standards and Professional Services, BSI Asia Pacific, and Managing Director, BSI Hong Kong, remarked, "The BSI name and the BSI Kitemark are recognized as symbols of trust, and we have a strong track record in promoting excellence in cyber and information security. The Kitemark demonstrates Ribose's commitment to the ongoing security of their cloud application and service. In becoming the first cloud service to achieve the new Kitemark for Secure Digital Transactions certification is proof of Ribose's pledge to be a pioneer in cloud security."

Ronald Tse, founder of Ribose, explained, "Our Kitemark certification is a testament to Ribose's unwavering commitment to providing a secure platform that prioritizes the protection of our customers' data. Building on our ISO/IEC 27017 cloud security and ISO/IEC 27018 cloud privacy certifications, this Kitemark provides reassurance that our application itself features appropriate protection for highly sensitive information."

"Ribose's highest bar approach to cloud security gives users the peace of mind to freely collaborate on mission critical projects, knowing their confidential information is protected to international cloud security standards, and now the BSI Kitemark. All of these certifications stand as testament to the security of the Ribose platform," Tse concluded.

Although no certification can ever guarantee 100% security, the BSI Kitemark for Secure Digital Transactions ensures a website or app has the appropriate security controls in place for the information it is handling.

Read More

Ribose achieves ISO/IEC 27017 cloud security certification

World’s first SaaS platform compliant to international cloud security standard

[Hong Kong] – 9 June 2016 – Ribose has become the world’s first Software-as-a-Service platform to achieve certification to ISO/IEC 27017, an international standard for information security controls specifically designed for cloud services. Published by the International Standards Organization (ISO) and the International Electrotechnical Commission (IEC), ISO/IEC 27017 is a Sector-Specific Standard within the ISO/IEC 27001 (Information security management systems) family.

The cloud offers immense benefits, allowing cloud service customers to utilize the exact amount of computing resources needed at any given time. However, due to the open nature of the cloud environment – which provides broad network access, rapid elasticity, self-provisioning functionality and resource pooling – cloud information security needs differ greatly from the traditional environment ISO/IEC 27001 was originally designed to protect.

Addressing the specific needs of cloud security, ISO/IEC 27017 builds upon ISO/IEC 27001 – providing additional controls and implementation guidance on architecture, technology and processes to ensure information security is well protected in the cloud. Taking into account that many cloud service providers are often customers of other cloud services, ISO/IEC 27017 also specifies implementation guidelines for both cloud service customers and cloud service providers, emphasizing each entity’s role in cloud security and protecting end users’ information.

“The ISO/IEC JTC1 SC27 committee, which creates and manages the ISO/IEC 27001 family of standards, first approved the proposal for a cloud security management standard proposed by Japan in October 2011. ISO/IEC 27017, having been through 5 years of dedicated work, was finally published in December 2015, provides a code of practice for information security management for cloud services. In achieving this certification, Ribose has demonstrated its commitment and effort towards protecting user information in the cloud," commented Tadashi Nagamiya, Secretary General of JASA, Japanese representative for ISO/IEC JTC1 SC27, and one of the original authors and proposer of ISO/IEC 27017.

As the first cloud service provider to achieve CSA CCM 3 compliance, CSA STAR Attestation and Singapore’s MTCS, Ribose was able to satisfy the recommendations set forth in ISO/IEC 27017 with its existing systems and processes.

Emmanuel Hervé, Vice President of Standards and Professional Services, BSI Asia Pacific, and Managing Director, BSI Hong Kong, remarked, “We commend Ribose’s dedication to protecting its users information to the highest standards. As the originator of the ISO/IEC information security management system standard, and the first certification body offering a robust certification program for ISO/IEC 27001 sector specific standards, BSI worked closely with Ribose and experts from ISO/IEC JTC 1 SC 27 in the development of the ISO/IEC 27017 certification scheme – ensuring our rigorous certification program accurately assesses adherence to the standard.” 

Ronald Tse, founder of Ribose, explained, “ISO/IEC 27017 certification clearly demonstrates Ribose’s unwavering commitment to cloud security. We are proud to be the world’s first cloud service provider to achieve simultaneous CSA STAR Certification, STAR Attestation and C-STAR Assessment together with ISO/IEC 27017. Although some overlap exists, ISO/IEC 27017 has proven to be complementary to our existing regional and global cloud security requirements.”

Tse continued, “Ribose has always maintained a tight reputation as a pioneer in cloud security. Our new ISO/IEC 27017 certification confirms we are deploying proper controls to secure our own platform, as well as to protect our customers’ data through the suppliers we rely upon to deliver our services.”

“By taking the highest bar approach to cloud security, Ribose gives users the peace of mind to freely create and collaborate on our platform – knowing their confidential information is protected by multiple international certifications to the highest levels of cloud security,” concluded Tse.

# # #

About Ribose

Ribose is the award-winning secure cloud collaboration platform that makes working together easy and fun while protecting users’ data with the highest, internationally certified levels of security. Trusted by regulated industries and users with heightened security needs, it is the world’s first cloud platform to achieve MTCS (Multi-Tier Cloud Security) and the only cloud service provider to be triple assured by the Cloud Security Alliance: CSA STAR Attestation, CSA STAR Certification (Cloud Controls Matrix, CCM 3.0.1) and CSA C-STAR Assessment. Ribose has been consistently awarded the industry's highest cloud security ratings: the highest security tier, Level 3, in MTCS and the highest maturity level, Gold, in STAR Certification.

Ribose has won numerous awards including the CSA APAC Enterprise Award for Security Innovation of the Year, Gold Stevie® Awards at the International Business Awards for Most Innovative Company in Asia and Best New Collaboration Service, and has been named a Red Herring Top 100 Global company.

Ribose is certified to ISO 9001, ISO 14001, OHSAS 18001, ISO/IEC 20000, ISO 22301, ISO/IEC 27001, ISO/IEC 27017, ISO/IEC 27018, ISO 50001, PAS 99, Cyber Essentials Plus, CDSA Content Protection Security (CPS) and AICPA Service Organization Control (SOC) standards, and approved by the UK Government’s G-Cloud program for government use.

Ribose is free to use: ribose.com.

About BSI

BSI (British Standards Institution) equips businesses with the necessary solutions to turn standards of best practice into habits of excellence. As the world’s first National Standards Body and a founding member of the International Organization for Standardization (ISO), BSI is responsible for originating many of the world’s most commonly used management systems standards and publishes over 2,700 standards annually.

Read More

Ribose at Singapore's CloudAsia 2016

Ribose is in Singapore for CloudAsia 2016!

Thanks to the kind invitation by the IDA, we have a booth at the Suntec Convention Centre (4/F), within the IDA Pavilion which is right at the front door.

We'll be around from May 3-5. Feel free to come say "hi"!

Read More

Ribose wins Security Innovation of the Year by Cloud Security Alliance APAC

[Hong Kong] – 21 January 2016 – Ribose has been named Security Innovation of the Year by the Cloud Security Alliance (CSA), the premier organization for the cloud security industry.

Ribose received the award at the CSA APAC Inaugural Awards Ceremony on 3 December 2015 in Guangzhou, China after careful appraisal of professionalism, excellence, innovation and measurable success by the judging committee. The prestigious award recognizes the very best in the technology industry, rewarding industry-leading organizations for innovation and performance in the cloud sector. Ribose was named Security Innovation of the Year alongside Trend Micro and DBApp Security, recognizing its genuinely innovative approach to cloud security.

Ribose is actively involved with the CSA on cloud security matters, with Ribose founder Ronald Tse a member of its International Standardization Council – which develops international standards relating to cloud security with multiple partners including the ISO/IEC JTC1 SC27, the group that created the ISO/IEC 27001 international standard for Information Security Management Systems. Since joining the CSA in 2013, Ribose has participated in multiple CSA research programs to promote and develop improved cloud security practices for both users and providers.

As a result, Ribose holds numerous cloud security “firsts” and heavily participates in multi-jurisdictional cloud security programs, believing the practice should be an industry standard as Cloud Security Providers (CSPs) must ensure the security of users’ data across geopolitical and regulatory borders.

A pioneer in cloud security, Ribose was the first CSP to adopt and promote CSA’s CCM 3 control framework, and the world’s first CSP simultaneously certified to all three of CSA’s cloud security assessment schemes: STAR Certification to the highest Gold maturity level, STAR Attestation and C-STAR Assessment. Ribose was the first organization worldwide to achieve CSA STAR Attestation and STAR Certification using CCM 3.0 and CCM 3.0.1; as well as the first Software-as-a-Service (SaaS) to achieve STAR Certification and C-STAR Assessment.

According to Jim Reavis, CEO and co-founder of the CSA, “We first invited Ribose to join CSA having seen their dedication to providing the best security protection to their users. As pioneers in cloud security, Ribose is leading the industry in pursuing security assurance for its users, and became the world’s first organization simultaneously certified to all three of CSA’s cloud security assessment schemes: STAR Certification, STAR Attestation and C-STAR Assessment. In naming Ribose as Security Innovation of the Year, we are recognizing its dedication to providing the highest level of security protection for users and its commitment to benefitting the entire cloud security industry through its work with the CSA.”

“Ribose serves as a leading example for CSPs in Asia, setting best practices in user security and privacy,” said Aloysius Cheang, Managing Director APAC and Standards Secretariat of the CSA International Standardization Council. “Asia is fast rising as the next hub of innovation in the technology space, and certified world-class organizations like Ribose are leading the charge. By using CCM extensively, and assisting in its development, Ribose has pioneered a high bar approach to cloud security – adopting a streamlined process that provides robust protection for all users.”

“Winning this recognition is a high honor for Ribose, as we work closely with many industry bodies like the CSA – the authority on cloud security. We are thrilled to win this honor, which stands as an external testament to our deep commitment to cloud security and the effectiveness of our approach and implementation,” explained Ronald Tse, founder of Ribose.

Tse continued, “CSA is the de-facto cloud security industry body, and their research has strongly influenced the cloud security industry as well as the most – if not all – cloud security standards used around the world today. As a corporate member of the CSA and a leader in cloud security, we strongly support the CSA’s work and have helped them to develop and drive industry standards, thereby improving confidence for both cloud providers and users around the globe.”

“As a collaboration platform, Ribose depends on the highest levels of cloud security to protect our users’ intellectual property. Knowing that their work is protected by award-winning, internationally certified levels of security gives our users the peace of mind to focus on their tasks at hand,” Tse concluded.

# # #

About Ribose

Ribose is the cloud collaboration platform that makes working together easy and fun while protecting users’ data with the highest, internationally certified levels of security. Triple-assured by the Cloud Security Alliance, Ribose is the world’s first cloud service provider certified to CSA STAR Attestation, CSA STAR Certification (Cloud Controls Matrix, CCM 3.0.1) and MTCS (Multi-Tier Cloud Security), and the first Software-as-a-Service platform to complete the CSA C-STAR Assessment. Ribose has been consistently awarded the industry's highest cloud security ratings: the highest security tier, Level 3, in MTCS and the highest maturity level, Gold, in STAR Certification.

In 2015, Ribose was selected as a Red Herring Top 100 Global company, joining a prestigious list of up-and-coming technology companies; won two Gold Stevie® Awards at the 2015 International Business Awards for Most Innovative Company in Asia and Best New Collaboration Service, and was also awarded the CSA APAC Enterprise Award for Security Innovation of the Year.

Ribose is also certified to ISO 9001, ISO 14001, OHSAS 18001, ISO/IEC 20000, ISO 22301, ISO/IEC 27001, ISO/IEC 27018, ISO 50001, PAS 99, Cyber Essentials Plus, CDSA Content Protection Security (CPS) and AICPA Service Organization Control (SOC) standards, and approved by the UK Government’s G-Cloud program for government use.

Ribose is free to use: ribose.com.

About The Cloud Security Alliance

The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events and products. CSA’s activities, knowledge and extensive network benefit the entire community impacted by the cloud — from providers and customers, to governments, entrepreneurs and the assurance industry — and provide a forum through which diverse parties can work together to create and maintain a trusted cloud ecosystem. CSA has developed the definitive best practices for the industry, including the Security Guidance for Critical Areas of Focus in Cloud Computing, the Cloud Controls Matrix, Top Threats to Cloud Computing and 50 other cloud security research artifacts.

For further information, visit us at www.cloudsecurityalliance.org.

Read More

Ribose named Best Cloud Collaboration Platform in 2015 Technology Innovator Awards

Hong Kong – 8 September 2015 – Ribose was named Best Cloud Collaboration Platform in the 2015 Technology Innovator Awards hosted by the Corporate Vision Magazine.

Ribose joined other winners including AIG, Level 3 Communications and Standard Life in accepting the award for its cloud collaboration platform, which democratizes collaboration technology - previously only affordable to large enterprises and government organizations - by putting world-class security and technology into the hands of all users.

Announced on 3 September, the 2015 Technology Innovator Awards highlight the individuals departments and firms who, through their commitment, experience and willingness to explore and take advantages of the opportunities presented, are developing and sharing the technology that will continue to enhance and fundamentally alter the business world for the better for many years to come. Award winners are decided by a combination of votes gathered from Corporate Vision Magazine’s network of respected industry partners and rigorous in-house research, performed by a dedicated network of industry insiders and corporate specialists.

Capturing the attention of the technology and business worlds, Ribose has been featured in Fortune and TechTarget. Accessible anywhere, offering enterprise-level service dependability, and complying with international governance standards – the Ribose platform gives users peace of mind to focus on their tasks at hand. Ribose provides high levels of security for all users by meeting the most stringent specified requirements worldwide, advocating a ‘highest-bar’ approach to cloud security.

In addition to winning the Technology Innovator Award, Ribose also won two Gold Stevie® Awards at the 2015 International Business Awards, where it was named Most Innovative Company in Asia and also Best New Collaboration Service.

Ribose founder Ronald Tse remarked, “Ribose is very happy to receive this positive acknowledgment of our product and our mission. This award truly stands as testament to our team’s dedication and hard work. I also must thank everyone who nominated and voted for Ribose – we are honored for this recognition of our world-class collaboration platform that makes working together easy and fun.”

“Users often rely on our platform to create high-value, mission-critical results involving important intellectual property or highly confidential information. With this in mind, we need to be aware of our users’ real-world needs – which they might not express or even realize. Ribose’s world-class security stems from this philosophy, and it’s a commitment that our users genuinely appreciate,” explained Tse.

According to Technology Innovator Awards Co-ordinator Laura Hunter, “It goes without saying that technology is continually improving and transforming both the business world and our everyday lives. Ribose has proven that its innovative collaboration platform fills a unique need in the industry – and its continued development paves the way for the future of highly secure, easy-to-use collaboration software.”

To learn more about the 2015 Technology Innovator Awards, view the list of winners and discover the stories behind their success, please visit corp-vis.com.

# # #

About Ribose

Ribose is a cloud collaboration platform that makes working together easy and fun while keeping your data safe. As the world’s first cloud service provider certified to MTCS (Multi-Tier Cloud Security), CSA STAR Attestation, CSA STAR Certification (Cloud Controls Matrix, CCM 3.0.1) and the first Software-as-a-Service platform to complete the CSA C-STAR Assessment, Ribose has been consistently awarded the industry's highest cloud security ratings year after year: the highest security tier, Level 3, in MTCS and the highest maturity level, Gold, in STAR Certification.

Ribose is also certified to ISO 9001, ISO 14001, OHSAS 18001, ISO/IEC 20000, ISO 22301, ISO/IEC 27001, ISO 50001, PAS 99, Cyber Essentials Plus, CDSA Content Protection Security (CPS) and AICPA Service Organization Control (SOC) standards, and approved by the UK Government’s G-Cloud program for government use.

Ribose is free to use: ribose.com.

About Corporate Vision Magazine

Created by a highly experienced and passionate team of business experts, advisors and insiders, Corporate Vision provides discerning readers worldwide with a wealth of news, features and comment on the corporate issues of the day.

Corporate Vision boasts a truly global reach, with a subscriber list that reaches 170,000 top-tier professionals from Europe to the US, Africa to Asia and includes some of the most prominent CEOs and leading figures from the worlds of technology, training and education, marketing, innovation and design, products and services, support services and strategy.

Learn more at corp-vis.com.

Read More
Next
1 2 3

Get Started

Getting Started