/ Certifications

More and more companies and public institutions store business-sensitive data in the cloud. Therefore, these organizations have a clear need for certain standards ensuring a minimum service level. We provide our customers with this guarantee through our various certifications.

/ ISO 27001:2013

ISO 27001 is the most common used security management certification outside of the United States. It consists of 133 controls and is applicable to the apparatus of the whole Information Security Management System.

In the Statement of Applicability (SOA), certified organizations can determine which controls are applicable to them. We have implemented the most comprehensive version of the ISO 27001:2013 certification, namely all 133 controls.

The certificate, the Statement of Applicability and the audit report are freely available for inspection.

/ NEN 7510:2011

The healthcare industry processes and stores important medical and patient data. To ensure that your medical data is stored securely, the NEN (Dutch Standards Institute) has created the NEN 7510 security standard. We implemented the NEN 7510 simultaneously with ISO 27001 and both have been audited.

Besides the fact that we are one of the official NEN partners, we also take seat in the NEN commission for cloud computing: Distributed Application Platforms and Servers (DAPS). This commission deals with a new ISO standard for the cloud; ISO 27017. In addition, the commission is concerned with the Dutch Code of Practice Cloud Computing. 

The certificate, the Statement of Applicability and the audit report are freely available for inspection.

/ ISO 9001:2015

ISO 9001 is the international standard for quality management systems and quarantees the quality of our service and customer satisfaction. We conduct periodic customer satisfaction surveys to evaluate our processes. Based on the results, we will make adjustments where necessary to improve our collaboration with you.

/ ISAE3000 / TPM statement

More and more internal business processes are being outsourced. Organisations and institutions are increasingly using our services to accommodate and manage their own internal infrastructure. Outsourcing often raises the question of how the external service provider guarantees availability, confidentiality and integrity. Questions like how does the service provider deal with information security? How is the management process implemented and is it’s working guaranteed? Who all has access to the information?

For these reasons, CloudVPS is increasingly being asked to provide evidence that provides a degree of certainty with regard to outsourcing. Because we like to be transparent to our customers and put the quality of our services first, we have obtained an ISAE3000D Type I and Type II certification for our OpenStack 2.0 platform. Through this statement, which has been issued by an independent external auditor, it is clear that our control measures actually work as intended.

If you want to view the statement, you can request it from your service manager.