We Proactively Safeguard Our Clients’ Data

With Divio, you get a cloud PaaS with full cloud computing ISO compliance

Learn More about Compliance
Move Your Apps to a Compliant Solution

Divio clients’ compliance is fully ensured. This goes from the infrastructure layer up through the management of the infrastructure, and to the PaaS. Divio and the infrastructure providers handle it for you.

4 Important Benefits of Cloud Compliance

Cloud compliance protects you and protects your business.

  1. 1.
    Information Security You Can Rely On

    Divio is certified for all three cloud computing ISO security standards

    • ISO 27001: Information Security Management System

    • ISO 27017: Security Controls for Cloud Services

    • ISO 27018: Protection of Personally Identifiable Information

  2. 2.
    The Advantages of a Cloud Compliant Vendor

    • Established standards for critical operating principles and procedures

    • Assurance of the vendor’s constant, iterative training and adoption of cutting edge compliance and security methods

    • Active protocols for handling information security management 

    • Emergency action and contact plans ready in case of incidents

    Methodical protections to prevent risky actions by upstream and downstream vendors

  3. 3.
    Cloud Compliance Prevents Dangerous Problems

    Protect your business from a wide array of legal, financial and reputational threats

    • Avoid reputational damage and lawsuits

    • Pre-empt employee concerns over information security, data protection compliance and how their data is handled

    • Evade outsiders trying to gain access to your company’s sensitive financial and market-critical information

    • Bypass potential threats caused by vendor negligence and mishandling of your data

  4. 4.
    Shrink Opportunity Costs and Speed Up Vendor Onboarding

    The compliance of your vendors can either speed up client sign-up or slow it to a crawl 

    • Confirm to clients that all of the vendors in your supply chain are ISO 27001 compliant. 

    • Give assurances that their data will be proactively protected. 

    • Close deals faster and bring in new customers who have higher compliance requirements.

The Shared Responsibility Model

Divio is part of a security and compliance shared responsibility model. That means Divio shares the responsibility for compliance with other vendors. 

Your cloud infrastructure providers (for example, AWS, MS Azure and Google Cloud) have certifications and security audits that cover their section of the cloud infrastructure. They sit below Divio in the infrastructure model. 

Divio builds its security and compliance on top of the cloud vendors. We are responsible for the compliance of the cloud infrastructure management layer and services, as well as the PaaS tools and features.

The only part of your cloud infrastructure compliance model that is not covered by Divio or the cloud infrastructure suppliers is your own applications. Your web applications’ contents and how you handle data within the application is your responsibility. But you will always be building upon the solid foundations of the shared responsibility model.