Security and Compliance

Secure at every step of the process

Cloud security is important for the protection of hosted information. Even small gaps in security coverage can put everything at risk, including data, customer information, uptime, and potentially a company’s reputation. A certain amount of confidence is needed when relying on third-party vendors to manage and handle your data. This is exactly why we prioritize security above everything else.

GDPR

We comply with the European General Data Protection Regulation (GDPR). Read more about CloudAMQP and GDPR here.

SOC2

We are proud to be compliant with SOC 2 by AICPA. We have been audited against the Security (common criteria) and Availability Trust Services Criteria.

Our SOC 2 Type 2 report can be obtained under an NDA per request. Please send an email to compliance@cloudamqp.com.

People Operations

Customer data access is limited to specific employees at CloudAMQP. All employees undergo pre-employment background checks and participate in annual Security Awareness training, as well as Compliance & Policy training.

Information Security Program

Our Information Security Program includes all security policies and defines our organization-wide approach to system and data protection. Among other things, the program includes how the service is designed and developed, how the system is operated, how the internal systems and networks are managed, and how employees are hired and trained.

Patch Management

We automatically handle security updates based on advisory for our servers and associated devices.

End-to-End Data Encryption

To secure data in transit, we enforce TLS. Clients have the option to enable TLS to and from the application to ensure secure transit between CloudAMQP and their application.

Instance Isolation

Instances are isolated from each other on a network level. Policies enforce deny-all-by-default security to instances. Clients with instances created in AWS or GCP have the option to define a Virtual Private Cloud (VPC).

Privacy Shield

84codes resides in Sweden and complies with GDPR, but is not Privacy Shield certified. Privacy Shield is designed for US companies, or EU companies working with US companies, to have adequate data protection as required by GDPR. Many of the US-based data centers available for CloudAMQP hosting are certified under Privacy Shield.

Security policy

For more information, please read our security policy, which demonstrates our commitment to security.

CloudAMQP is trusted by developers at