Cloud security is important for the protection of hosted information. Even small gaps in security coverage can put everything at risk, including data, customer information, uptime, and potentially a company’s reputation. A certain amount of confidence is needed when relying on third-party vendors to manage and handle your data. This is exactly why we prioritize security above everything else.
We comply with the European General Data Protection Regulation (GDPR). Read more about CloudAMQP and GDPR here.
We are proud to be compliant with SOC 2 by AICPA. We have been audited against the Security (common criteria) and Availability Trust Services Criteria.
Our SOC 2 Type 2 report can be obtained under an NDA per request. Please send an email to firstname.lastname@example.org.
Customer data access is limited to specific employees at CloudAMQP. All employees undergo pre-employment background checks and participate in annual Security Awareness training, as well as Compliance & Policy training.
Our Information Security Program includes all security policies and defines our organization-wide approach to system and data protection. Among other things, the program includes how the service is designed and developed, how the system is operated, how the internal systems and networks are managed, and how employees are hired and trained.
We automatically handle security updates based on advisory for our servers and associated devices.
To secure data in transit, we enforce TLS. Clients have the option to enable TLS to and from the application to ensure secure transit between CloudAMQP and their application.
Instances are isolated from each other on a network level. Policies enforce deny-all-by-default security to instances. Clients with instances created in AWS or GCP have the option to define a Virtual Private Cloud (VPC).
84codes resides in Sweden and complies with GDPR, but is not Privacy Shield certified. Privacy Shield is designed for US companies, or EU companies working with US companies, to have adequate data protection as required by GDPR. Many of the US-based data centers available for CloudAMQP hosting are certified under Privacy Shield.