JavaScript is turned off in your web browser. To take full advantage of Ribose features, please enable JavaScript and refresh the page.

Ribose achieves ISO/IEC 27017 cloud security certification

World’s first SaaS platform compliant to international cloud security standard

[Hong Kong] – 9 June 2016 – Ribose has become the world’s first Software-as-a-Service platform to achieve certification to ISO/IEC 27017, an international standard for information security controls specifically designed for cloud services. Published by the International Standards Organization (ISO) and the International Electrotechnical Commission (IEC), ISO/IEC 27017 is a Sector-Specific Standard within the ISO/IEC 27001 (Information security management systems) family.

The cloud offers immense benefits, allowing cloud service customers to utilize the exact amount of computing resources needed at any given time. However, due to the open nature of the cloud environment – which provides broad network access, rapid elasticity, self-provisioning functionality and resource pooling – cloud information security needs differ greatly from the traditional environment ISO/IEC 27001 was originally designed to protect.

Addressing the specific needs of cloud security, ISO/IEC 27017 builds upon ISO/IEC 27001 – providing additional controls and implementation guidance on architecture, technology and processes to ensure information security is well protected in the cloud. Taking into account that many cloud service providers are often customers of other cloud services, ISO/IEC 27017 also specifies implementation guidelines for both cloud service customers and cloud service providers, emphasizing each entity’s role in cloud security and protecting end users’ information.

“The ISO/IEC JTC1 SC27 committee, which creates and manages the ISO/IEC 27001 family of standards, first approved the proposal for a cloud security management standard proposed by Japan in October 2011. ISO/IEC 27017, having been through 5 years of dedicated work, was finally published in December 2015, provides a code of practice for information security management for cloud services. In achieving this certification, Ribose has demonstrated its commitment and effort towards protecting user information in the cloud," commented Tadashi Nagamiya, Secretary General of JASA, Japanese representative for ISO/IEC JTC1 SC27, and one of the original authors and proposer of ISO/IEC 27017.

As the first cloud service provider to achieve CSA CCM 3 compliance, CSA STAR Attestation and Singapore’s MTCS, Ribose was able to satisfy the recommendations set forth in ISO/IEC 27017 with its existing systems and processes.

Emmanuel Hervé, Vice President of Standards and Professional Services, BSI Asia Pacific, and Managing Director, BSI Hong Kong, remarked, “We commend Ribose’s dedication to protecting its users information to the highest standards. As the originator of the ISO/IEC information security management system standard, and the first certification body offering a robust certification program for ISO/IEC 27001 sector specific standards, BSI worked closely with Ribose and experts from ISO/IEC JTC 1 SC 27 in the development of the ISO/IEC 27017 certification scheme – ensuring our rigorous certification program accurately assesses adherence to the standard.” 

Ronald Tse, founder of Ribose, explained, “ISO/IEC 27017 certification clearly demonstrates Ribose’s unwavering commitment to cloud security. We are proud to be the world’s first cloud service provider to achieve simultaneous CSA STAR Certification, STAR Attestation and C-STAR Assessment together with ISO/IEC 27017. Although some overlap exists, ISO/IEC 27017 has proven to be complementary to our existing regional and global cloud security requirements.”

Tse continued, “Ribose has always maintained a tight reputation as a pioneer in cloud security. Our new ISO/IEC 27017 certification confirms we are deploying proper controls to secure our own platform, as well as to protect our customers’ data through the suppliers we rely upon to deliver our services.”

“By taking the highest bar approach to cloud security, Ribose gives users the peace of mind to freely create and collaborate on our platform – knowing their confidential information is protected by multiple international certifications to the highest levels of cloud security,” concluded Tse.

# # #

About Ribose

Ribose is the award-winning secure cloud collaboration platform that makes working together easy and fun while protecting users’ data with the highest, internationally certified levels of security. Trusted by regulated industries and users with heightened security needs, it is the world’s first cloud platform to achieve MTCS (Multi-Tier Cloud Security) and the only cloud service provider to be triple assured by the Cloud Security Alliance: CSA STAR Attestation, CSA STAR Certification (Cloud Controls Matrix, CCM 3.0.1) and CSA C-STAR Assessment. Ribose has been consistently awarded the industry's highest cloud security ratings: the highest security tier, Level 3, in MTCS and the highest maturity level, Gold, in STAR Certification.

Ribose has won numerous awards including the CSA APAC Enterprise Award for Security Innovation of the Year, Gold Stevie® Awards at the International Business Awards for Most Innovative Company in Asia and Best New Collaboration Service, and has been named a Red Herring Top 100 Global company.

Ribose is certified to ISO 9001, ISO 14001, OHSAS 18001, ISO/IEC 20000, ISO 22301, ISO/IEC 27001, ISO/IEC 27017, ISO/IEC 27018, ISO 50001, PAS 99, Cyber Essentials Plus, CDSA Content Protection Security (CPS) and AICPA Service Organization Control (SOC) standards, and approved by the UK Government’s G-Cloud program for government use.

Ribose is free to use: ribose.com.

About BSI

BSI (British Standards Institution) equips businesses with the necessary solutions to turn standards of best practice into habits of excellence. As the world’s first National Standards Body and a founding member of the International Organization for Standardization (ISO), BSI is responsible for originating many of the world’s most commonly used management systems standards and publishes over 2,700 standards annually.

Read More

Ribose achieves certification to ISO/IEC 27018 for cloud privacy protection

Award winning collaboration platform compliant to international cloud privacy standard

[Hong Kong] – 18 December 2015 – Ribose has achieved certification to ISO/IEC 27018, an international standard recently published by the International Standards Organization (ISO) that provides a code of practice for the protection of personally identifiable information (PII) in public clouds for PII processors.

Created as an extension of the ISO/IEC 27001 standard for information security management systems, ISO/IEC 27018 describes commonly accepted control objectives, controls and guidelines to ensure that PII data is adequately protected when processed by a cloud PII processor, providing a common compliance framework for CSPs operating in multinational markets. Based on the eleven privacy principles contained in ISO/IEC 29100, ISO/IEC 27018 specifies how to apply them within the ISMS framework for privacy protection in the cloud.

This certification means that data managed by Ribose will never be sold to a third-party for advertising, nor subcontracted to parties they may breach the integrity of users’ data. This also means that users retain full control of their data stored on Ribose, and that the company is transparent about where users’ data resides and how it is processed.

“The ISO/IEC JTC 1 SC 27 committee creates and manages the ISO/IEC 27001 family of standards, which includes ISO/IEC 27018 – Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors. In 2014, ISO/IEC published the 1st Edition of ISO/IEC 27018 which provides control guidelines in support of an information security management system as stipulated in ISO/IEC 27001. Ribose has extended considerable effort towards advancing protection of privacy in the cloud, as recognized through its successful completion of a formal review process in 2015, and is to be commended for all their efforts,” said Dale Johnstone, Vice-Convener of ISO/IEC JTC1 SC 27 / WG 1.

“BSI is the originator of the ISO/IEC 27000 family of international information security standards, of which ISO/IEC 27018 is a part. As a contributor to the ISO/IEC 27018 standard, we worked closely with Ribose and experts from ISO/IEC JTC 1 SC 27 – the subcommittee that developed the standard – to ensure our rigorous certification program accurately assessed their adherence to the standard. We commend Ribose’s commitment to protecting its users’ privacy, and appreciate the valuable feedback they provided during the pilot program,” said Emmanuel Hervé, Vice President of Standards Professional Services, BSI Asia Pacific and Managing Director, BSI Hong Kong.

“Ribose is proud to be the first CSP that provides ISO/IEC 27018-level privacy protection to all users – including paid and free users,” explained Ronald Tse, founder of Ribose. “Our certification demonstrates that ISO/IEC 27018 is complementary with existing global and regional cloud security standards, including CSA’s CCM and C-STAR, Singapore’s MTCS and Chinese national standards.”

“As a pioneer in cloud security and privacy, we apply a ‘highest bar’ approach to implement the most stringent, internationally-certified security standards across every jurisdiction where we operate: Hong Kong, US, UK/EU, Australia, New Zealand, Singapore and China. We believe that privacy is a right, not a luxury – and protecting our users’ data and privacy is paramount,” continued Tse.

Tse concluded, “In today’s connected world, privacy is more important than ever for collaborative work – which often includes confidential commercial data. With increasing amounts of sensitive information being stored in the cloud, the consequences of a data breach could be disastrous for organizations, users, and their data subjects. Privacy and security are the ultimate differentiators, and Ribose is certified to the highest standards in the world.”

# # #

About Ribose

Ribose is the cloud collaboration platform that makes working together easy and fun while protecting users’ data with the highest, internationally certified levels of security. Triple-assured by the Cloud Security Alliance, Ribose is the world’s first cloud service provider certified to CSA STAR Attestation, CSA STAR Certification (Cloud Controls Matrix, CCM 3.0.1) and MTCS (Multi-Tier Cloud Security), and the first Software-as-a-Service platform to complete the CSA C-STAR Assessment. Ribose has been consistently awarded the industry's highest cloud security ratings: the highest security tier, Level 3, in MTCS and the highest maturity level, Gold, in STAR Certification.

This year, Ribose won two Gold Stevie® Awards at the 2015 International Business Awards, where it was named Most Innovative Company in Asia and Best New Collaboration Service. It was also selected as a Red Herring Top 100 Global company, joining a prestigious list of up-and-coming technology companies; and awarded the CSA APAC Enterprise Award for Security Innovation of the Year.

Ribose is also certified to ISO 9001, ISO 14001, OHSAS 18001, ISO/IEC 20000, ISO 22301, ISO/IEC 27001, ISO/IEC 27018, ISO 50001, PAS 99, Cyber Essentials Plus, CDSA Content Protection Security (CPS) and AICPA Service Organization Control (SOC) standards, and approved by the UK Government’s G-Cloud program for government use.

Ribose is free to use: ribose.com.

About BSI

BSI (British Standards Institution) equips businesses with the necessary solutions to turn standards of best practice into habits of excellence. As the world’s first National Standards Body and a founding member of the International Organization for Standardization (ISO), BSI is responsible for originating many of the world’s most commonly used management systems standards and publishes over 2,700 standards annually.

Independently assessed and accredited globally by ANAB (ANSI-ASQ National Accreditation Board) and by over 26 other accreditation bodies around the world including UKAS (United Kingdom Accreditation Service), BSI is globally recognized as a champion of best practice.

For more information, please visit: bsigroup.com.

Read More

Ribose achieves world’s most extensive integrated management system compliant to PAS 99: Certified integration of seven management systems

8 July 2015 – Hong Kong – Cloud collaboration platform provider Ribose has achieved the world’s most extensive integrated management system (IMS) certified to the PAS 99 standard.

Certified by BSI (British Standards Institution), Ribose’s IMS covers all seven of the company’s management systems, each already compliant to a separate management system standard (MSS) including:


  • ISO 9001:2008 Quality management systems – Requirements, the international standard for quality management systems (QMS)

  • ISO 14001:2004 Environmental management systems – Requirements with guidance for use, the international standard for environmental management systems (EMS)

  • BS OHSAS 18001:2007 Occupational health and safety management systems – Requirements, the internationally applied British Standard for occupational health and safety management systems (OHSMS)

  • ISO/IEC 20000-1:2011 Information technology – Service management – Part 1: Service management system requirements, the international standard for IT service management systems (SMS)

  • ISO 22301:2012 Societal security – Business continuity management systems – Requirements, the international standard for business continuity management systems (BCMS)

  • ISO/IEC 27001:2013 Information technology – Security techniques – Information security management systems – Requirements, the international standard for information security management systems (ISMS)

  • ISO 50001:2011 Energy management systems – Requirements with guidance for use, the international standard for energy management systems (EnMS)

PAS 99 is the world’s first framework for integrating management systems built on different management systems standards (MSS), specifying requirements for streamlining MSSs, allowing for improved business focus, a more universal approach to risk mitigation and improved operational efficiency.

Created to align with the ISO Directive Annex SL, the PAS 99:2012 standard goes a step further by ensuring the results of streamlining management systems work effectively and as intended. At present, PAS 99 certification is the only impartial way to determine if an IMS has achieved its intention of integrating operating systems efficiently and effectively, providing a common bar on how an integrated management system should function and continuously improve through certification.

According to Ribose’s founder Ronald Tse, “Ribose chose to build a streamlined, integrated management system right from the beginning. As a small company with a limited number of staff, we wanted to manage all aspects of the company as efficiently as possible. Streamlining our IMS through PAS 99 certification helped us avoid overlapping elements and duplicated effort across our different management systems.”

“Taking our commitment to holistic, comprehensive collaboration to heart, we have integrated our information security, business continuity, quality, IT services, environmental, energy and occupational health and safety management systems into a whole – allowing us to effectively manage these aspects of our operations without the typical overhead that can bog down non-integrated systems,” explained Mr. Tse. “Our highly dynamic information security management system, which has continuously received the highest security ratings and certified to the most stringent security standards including CSA STAR, CSA C-STAR, MTCS and AICPA SOC, also operates as part of this IMS.”

Mr. Tse concluded, “PAS 99 certification confirms that Ribose has integrated its management systems correctly, and that the IMS performs effectively – providing better oversight and control for our management team, while ensuring the highest level of service for our users.”

Emmanuel Herve, Managing Director of BSI Hong Kong and VP of Standards, remarked, “We commend Ribose for its commitment to the highest levels of corporate governance. Standards are designed to level the playing field, and Ribose’s numerous achievements in certification attest that smaller businesses can indeed compete against larger organizations by building upon standards.”

Mr. Herve added, “Management systems help companies get more from their business, and integrating these management systems allows them to realize even greater benefits without additional investment of time or money. PAS 99 provides a framework for the most streamlined method to achieve this goal. We congratulate Ribose on being the first company to integrate seven management systems under PAS 99, setting a strong example for the industry to follow.”

# # #

About Ribose

Ribose is a cloud collaboration platform that makes working together easy and fun while keeping your data safe. As the world’s first cloud service provider certified to MTCS (Multi-Tier Cloud Security), CSA STAR Attestation, CSA STAR Certification (Cloud Controls Matrix, CCM 3.0.1) and the first Software-as-a-Service platform to complete the CSA C-STAR Assessment, Ribose has been consistently awarded the industry's highest cloud security ratings year after year: the highest security tier, Level 3, in MTCS and the highest maturity level, Gold, in STAR Certification.

Ribose is also certified to ISO 9001, ISO 14001, OHSAS 18001, ISO/IEC 20000, ISO 22301, ISO/IEC 27001, ISO 50001, PAS 99, Cyber Essentials Plus, CDSA Content Protection Security (CPS) and AICPA Service Organization Control (SOC) standards, and approved by the UK Government’s G-Cloud program for government use.

Ribose is free to use: ribose.com.

About BSI

BSI (British Standards Institution) equips businesses with the necessary solutions to turn standards of best practice into habits of excellence. As the world’s first National Standards Body and a founding member of the International Organization for Standardization (ISO), BSI is responsible for originating many of the world’s most commonly used management systems standards and publishes over 2,700 standards annually.

Independently assessed and accredited globally by ANAB (ANSI-ASQ National Accreditation Board) and by over 26 other accreditation bodies around the world including UKAS (United Kingdom Accreditation Service), BSI is globally recognized as a champion of best practice.

For more information, please visit: bsigroup.com.

###

Read More

Ribose awarded PAS 99 certification for integrated management systems

Ribose awarded PAS 99 certification for integrated management systems

Achieves internationally certified corporate governance and compliance management

Hong Kong, 17 June 2014 – Ribose has achieved PAS 99:2012 certification, the internationally accepted framework for integrated management systems (IMS).

Ribose is the first collaboration platform in the world and the first organization in Hong Kong to achieve this certification. Ribose’s IMS integrates its existing business continuity and information security management systems, satisfying both ISO 22301:2012 and ISO 27001:2013, the international standards for business continuity and information security, respectively.

Ribose’s certification was awarded by BSI (British Standards Institution), the originator of the PAS 99, ISO 22301 and ISO 27001 standards. Certification is awarded only after an independent accredited auditor has thoroughly checked all applications, systems, processes and services.

PAS 99 is a framework for integrating management systems built on different management systems standards (MSS). It specifies requirements for streamlining and managing MSSs, allowing for improved business focus, a more universal approach to risk mitigation and improved operational efficiency.

“Ribose is dedicated to providing our users with the highest standards of service. Achieving PAS 99 certifies that our management systems are tightly integrated – including our highly dynamic information security management system, which has been awarded numerous security certifications such as ISO 27001, CSA STAR and CDSA CPS,” explained Ronald Tse, founder of Ribose. “We believe the holistic approach is key to effective collaboration, and we’ve taken that to heart in integrating our management systems – which will augment service for all users.”

Emmanuel Herve, Managing Director of BSI Hong Kong, stated: “By achieving PAS 99 certification for its IMS, Ribose has again demonstrated its commitment to industry-leading corporate governance. The certified efficiency of its management systems allows Ribose to focus its resources on enhancing its platform, and delivering effective solutions to users.”

# # #

About Ribose

Ribose makes collaborating easy and fun. Whether planning business projects or social events, the Ribose platform helps users collaborate through world-class security certified to the highest standards, including ISO 27001, CSA STAR and CDSA CPS. Also available as part of the UK Government's G-Cloud program, Ribose is free to use: http://www.ribose.com.

About BSI

The British Standards Institution is the business standards company that helps businesses turn best practices of into habits of excellence. As the world’s first national standards body and a founding member of ISO, BSI is an organization whose standards inspire excellence across the globe: http://www.bsigroup.com

###

 

Read More

Ribose world's first collaboration platform to achieve ISO/IEC 27001:2013 certification

Ribose world’s first collaboration platform to achieve ISO/IEC 27001:2013 certification

One of the first organizations worldwide to achieve compliance to latest information security standard

Hong Kong, 25 March 2014 – Ribose has achieved certification for the latest information security standard ISO/IEC 27001:2013, covering all aspects of the company, including its social collaboration platform.

In addition to being the world’s first collaboration platform to achieve this certification, Ribose is also one of the first organizations worldwide, and the first organization in Hong Kong to do so. Ribose’s certification was awarded by BSI (British Standards Institution), the originator of the ISO/IEC 27001 standard. This international standard has wide-ranging requirements for implementing, operating, maintaining and improving information security management. Certification is awarded only after an independent accredited auditor has thoroughly checked all applications, systems, processes and services. Ribose’s scope of certification was as comprehensive as possible, covering all processes and services.

ISO/IEC 27001:2013 is the revised information security standard that supersedes ISO/IEC 27001:2005. This update includes significant improvements to security, covers risks such as identity theft, mobile devices and other online vulnerabilities, and provides a more streamlined approach leading to better risk management. Ribose’s previous ISO/IEC 27001:2005 certification was also awarded by BSI.

“Ribose is committed to staying at the forefront of information security and protecting data, explains Ronald Tse, founder of Ribose.  Our state-of-the-art security system has already achieved highest merits in both CSA STAR certification and CDSA CPS certification. This latest certification shows that our system is dynamic and scalable, allowing us to protect information fully for our users. Our mission is to allow people to collaborate freely, and this certification gives people confidence that their information is always safe and fully protected.”

Emmanuel Herve, Managing Director of BSI Hong Kong, said: “Ribose has again demonstrated its commitment to information security by being one of the first organizations worldwide to achieve certification for the latest version of the information security standard. Organizations want to be reassured that any data stored externally is secure and service providers need to show they have appropriate security systems in place to manage information they handle. By attaining this certification, Ribose can do just that.”

About BSI

The British Standards Institution is the business standards company that helps businesses turn standards of best practice into habits of excellence. As the world’s first National Standards Body and a founding member of the ISO, BSI is an organization whose standards inspire excellence across the globe: http://www.bsigroup.com

###

 

Read More
Next
1 2

Get Started

Getting Started