SECURITY WHITEPAPER
SECURITY WHITEPAPER
Compliance
Y Soft adheres to domestic and international information security standards , as well as industry requirements . We integrate compliance requirements and standards into our internal control framework and implement such requirements and standards by design in our cloud print service . We are also engaging with independent third parties to verify the compliance of Y Soft according to various requirements . Our framework and compliance foundations are based on the following :
INFORMATION SECURITY STANDARDS
Y Soft leverages best practices and sound security guidance from a wide variety of sources . The best practices that we consider as we continuously improve our security programs include the Cloud Security Alliance ' s Cloud Control Matrix , ISO27001 , SD- PAC for our Secure SDLC from Security Innovation Inc . and several others .
Y Soft considers all information , applications and underlying IT infrastructure as important assets which are supporting business processes and are being adequately protected . The scope of our IT risk includes the potential loss of confidentiality , integrity , and availability of information assets due to inadequate controls or exploitation of security vulnerabilities . Our Policy framework is approved by the Chief Executive Officer on behalf of the Executive Management at Y Soft and provides a management statement highlighting the key IT Security Principles for managing IT risk .
ISO / IEC 27001 CERTIFIED
Our Cloud infrastructure is governed by our ISO / IEC 27001 certification , the internationally recognised standard for information security management systems ( ISMS ). ISO 27001 accreditation provides independent assurance that systems are designed and operated with cloud-first security principles and that robust processes are in place to build resilience and help avoid potential data security issues .
Our compliance with this internationally recognised standard proves the completeness and strength of our security controls and provides an independently verified assurance of our systematic approach to managing our cloud environment and demonstrates that robust processes are in place to build resilience and help avoid potential data security issues .
Access to our production environment is securely protected and regulated according to strict ISO27001 standards and procedures .
CLOUD SECURITY ASSOCIATION , CSA
We also use the Cloud Controls Matrix ( CCM ) control framework to align our cyber security to the Cloud Security Association , CSA best practices , that is considered the de-facto standard for cloud security and privacy . CAIQ Self-assessment has been done and can be shared under NDA .
YSoft SAFEQ Cloud - 28 - YSOFT . COM