SECURITY

Cloud Security and Compliance

Running on world-leading cloud provider Google Cloud, the Unblu Financial Cloud is fully designed and operated by Unblu. It has been built to comply with the toughest international standards such as ISO 27001 and SOC 2 Type 2

 

Business Continuity
99,75 SLA

The Unblu Financial Cloud offers a 99.75% committed SLA. As opposed to offering a Service-level Objective (SLO) or a Service-level Target(SLT), a SLA legally commits our organisation to reaching this target and provides assurance to our clients on the robustness of our cloud setup.

In-region: RPO 0 min / RTO 2min

Failover Region: RPO 24 hours / RT0 3 days

Regional failures are characterized as the failure of all 3 data centers in a given region. In this case, the cluster running the Unblu application can be restored in a different region within 3 days with an RPO of 24h. The “backup” region can be selected by our clients in order to comply with geofencing requirements.

24/7 operational support

Our Cloud Service runs on a 24/7 support model.

Available in several regions with multi-region failover

By default, the Unblu Financial Cloud is available in Datacenters located in Europe, North America, and APAC.

IAM & Security
Zero trust architecture

Unblu has implemented a zero-trust architecture, an enhanced protection program. Our infrastructure can only be accessed via managed and specially hardened endpoint devices that require triple authentication.

Background checked staff

Employees working on cloud operations are screened on a yearly basis by a third party.

Regular DR and runbook testing

Unblu has implemented a robust Disaster Recovery strategy with dedicated runbook.

Data encryption at & rest in-transit

Data in the Unblu database and on the file system is AES256-encrypted at rest, as well as in transit when moving out of Google’s physical boundaries.

Hardened and remote managed end-points

Cloud operations employees can only use specially hardened and controlled endpoints devices for managing the Cloud, therefore access to the Cloud operations layer is limited and fully controlled.

Regular penetration tests

Unblu is committed to testing and improving its operations over time. To help achieve this, our Cloud setup is pen tested by a third-party organization.

Compliance and certifications for our Cloud Operations
ISO 27001, ISO 27017, ISO 27018

ISO 27017 (Information technology — Security techniques — Code of practice for information security controls based on ISO/IEC 27002 for cloud services) is a security standard developed for cloud service providers and users to make a safer cloud-based environment and reduce the risk of security problems. ISO 27018 (Information technology — Security techniques — Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors) is a security standard developed for cloud service providers on how to handle and protect PII in a cloud environment. The ISO certifications prove that Unblu has applied the appropriate technical and organizational measures in order to operate our cloud whilst maintaining the highest data protection standards.

SOC 2 Type 2

Our audited SOC 2 Type 2 report delivers detailed evidence on the applied control criteria to establish trust in our management and operational processes. With it, clients can understand how we protect their data and their clients’ data.

Processes and certifications achieved by GCP

In addition to Unblu certifications & audits, we rely on the underlying processes and certifications achieved by GCP. More information on Google Certifications can be found at Cloud Compliance & Regulations Resource.

IRQAO registered

Check our registration record held with IRQAO for our ISO 27 001 certification.

Clients operating on the Cloud

Several Unblu clients have already made the decision to operate in the Cloud and/or migrate from their on premise installation.

Get in touch to know more

WHITEPAPER

Unblu Financial Cloud Paper

Request the latest version of our Unblu Cloud paper, outlining the different capabilities, security measures and certification from our Cloud Offering

See Unblu in action