SECURITY
Cloud Security and Compliance
Running on world-leading cloud provider Google Cloud, the Unblu Financial Cloud is fully designed and operated by Unblu. It has been built to comply with the toughest international standards such as ISO 27001 and SOC 2 Type 2
The Unblu Financial Cloud offers a 99.75% committed SLA. As opposed to offering a Service-level Objective (SLO) or a Service-level Target(SLT), a SLA legally commits our organisation to reaching this target and provides assurance to our clients on the robustness of our cloud setup.
Regional failures are characterized as the failure of all 3 data centers in a given region. In this case, the cluster running the Unblu application can be restored in a different region within 3 days with an RPO of 24h. The “backup” region can be selected by our clients in order to comply with geofencing requirements.
Our Cloud Service runs on a 24/7 support model.
By default, the Unblu Financial Cloud is available in Datacenters located in Europe, North America, and APAC.
Unblu has implemented a zero-trust architecture, an enhanced protection program. Our infrastructure can only be accessed via managed and specially hardened endpoint devices that require triple authentication.
Employees working on cloud operations are screened on a yearly basis by a third party.
Unblu has implemented a robust Disaster Recovery strategy with dedicated runbook.
Data in the Unblu database and on the file system is AES256-encrypted at rest, as well as in transit when moving out of Google’s physical boundaries.
Cloud operations employees can only use specially hardened and controlled endpoints devices for managing the Cloud, therefore access to the Cloud operations layer is limited and fully controlled.
Unblu is committed to testing and improving its operations over time. To help achieve this, our Cloud setup is pen tested by a third-party organization.
ISO 27017 (Information technology — Security techniques — Code of practice for information security controls based on ISO/IEC 27002 for cloud services) is a security standard developed for cloud service providers and users to make a safer cloud-based environment and reduce the risk of security problems. ISO 27018 (Information technology — Security techniques — Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors) is a security standard developed for cloud service providers on how to handle and protect PII in a cloud environment. The ISO certifications prove that Unblu has applied the appropriate technical and organizational measures in order to operate our cloud whilst maintaining the highest data protection standards.
Our audited SOC 2 Type 2 report delivers detailed evidence on the applied control criteria to establish trust in our management and operational processes. With it, clients can understand how we protect their data and their clients’ data.
In addition to Unblu certifications & audits, we rely on the underlying processes and certifications achieved by GCP. More information on Google Certifications can be found at Cloud Compliance & Regulations Resource.
Check our registration record held with IRQAO for our ISO 27 001 certification.
Clients operating on the Cloud
Several Unblu clients have already made the decision to operate in the Cloud and/or migrate from their on premise installation.
Get in touch to know moreWHITEPAPER
Unblu Financial Cloud Paper
Request the latest version of our Unblu Cloud paper, outlining the different capabilities, security measures and certification from our Cloud Offering
See Unblu in action