ISO 27001:2011 Certifie
ISO/IEC27001 is the only auditable international standard, and defines the requirements for an Information Security Management System(ISMS). The standard is designed to select adequate and proportionate security controls. In November 2011, the management of information security in the design, implementation, and support of Hosted System at our data center. A full reassessment is required every 3 years, and surveillance audits that review a section of the ISMS are performed every 6 months.Rackspace’s PCI certification scope of coverage is for the following locations
SSAE16 Type II SOC1, SOC2 (Security and Availability Only)
SOC (Service Organization Control) I Reports are to be conducted in accordance in Statement on Standards for attestation Engagements(SSAE) No.16, the AICPA attest standard, which is an audit conducted over internal controls over financial reporting, management of the user organizations, and management of the service organization.
Service Organizations’ continue to define their control objectives and controls, but the service auditor is responsible for evaluating those control objectives to ensure they are reasonable.
A type 2 report also includes the service auditor’s opinion on whether the controls were operating effectively and describes tests of the controls performed by the service auditor to form that opinion and the results of those tests.
SOC 2 (Service Organization Control) Report is an examination engagement performed by a service auditor in accordance with the predefined criteria in Trust Services Principles, Criteria and Illustrations, as well as the requirements and guidance in AT Section 101, Attest Engagements, of SSAEs (AICPA, Professional Standards, vol. 1). The intent of a SOC 2 report is to provide an understanding of the details of the processing and controls at a service organization, by testing the design of the controls and their operating effectiveness, with the goal of instilling confidence and gaining trust in that service organization’s systems.
A core requirement for SOC 2 reporting is that of developing a description of the service organizations system; that is, a detailed and comprehensive narrative that describes the services provided, along with the supporting processes, policies, procedures, personnel and operational activities that constitute the service organization’s core activities that are relevant to user entities.
The design and operating controls for the Security and Availability Trust Service Principles were tested, and found to be suitably designed and operating effectively.
ISMS(Information Security Management System) Certified
ISMS is the certification to assess of ISMS pertinence in view of objectiveness and professionalism. KT CDC(Cloud Data Center) passed the ISMS security criteria from KISA(Korea Internet Security Association) against physical security, operation security, security policy etc.
Web Accessibility Certified
High availability means good WAC. WAC certified company means they have much flexibility doing in their business. KT is the largest, public company in Korea.
Premium SLA for Cloud Service Certified
This is a certification of premium cloud service provider to assure its availability, security and compensation for damages by Korean Government. This is to judge its reliability; analyze last 6 months’ actual data and give the certification if the service level meets over 99.5%.
