Ribose Achieves Cloud Industry’s First Kitemark for Secure Digital Transactions

World’s first collaboration platform certified to rigorous application security by BSI

HONG KONG--(BUSINESS WIRE)-- Ribose has become the world’s first cloud Software-as-a-Service platform to achieve BSI’s prestigious and highly selective Kitemark for Secure Digital Transactions, which certifies applications to ensure they have the appropriate security controls in place to handle highly sensitive information online through rigorous security testing.

Confidential financial and personal information is increasingly stored and shared, yet services themselves are subject to continuous threats and attacks at all times. According to PwC1, 90% of large organizations have already suffered data breaches, and it is imperative for organizations to protect their own confidential information in the cloud through appropriate security.

Protection is especially necessary for collaborative data, which often contain the most valuable, yet most vulnerable assets of the organization – intellectual property, trade secrets or personal information about customers and employees, patient health information, and financial information.

BSI’s Kitemark for Secure Digital Transactions is the most rigorous security testing program available to date that validates and evaluates the security of individual applications. Initially piloted by the banking industry, it is the latest member of the BSI Kitemark family, a symbol of trust and product quality that was first granted in 1903 and is highly recognized worldwide. BSI has also long been a pioneer in information security, being the originator of the international information security management system standard, ISO/IEC 27001.

An application certified to this Kitemark demonstrates rigorous validation to banking-grade security, as well as data protection measures of the organization that developed and operates the application, confirming it has been thoroughly tested and meets recognized standards for security, reliability and quality.

In order to receive the Kitemark for Secure Digital Transactions, the application or service must achieve three key criteria. First, a secure service must be developed and operated within a secure environment that emphasizes organizational security and process integrity. This criterion is best validated by requiring the organization itself to achieve and maintain certification to ISO/IEC 27001, covering all parts relating to the service and sensitive information it handles, including application development, infrastructure operations and transaction processing.

The second tenant of the Kitemark for Secure Digital Transactions is to achieve validation of application security, which requires the service to undergo rigorous internal and external penetration tests to the highest levels, ensuring there are no known significant vulnerabilities or security flaws. The application security tests are performed by a world-class, CREST-certified security team with over 30,000 hours of penetration testing experience, to the OWASP ASVS v2.0 standard – the most stringent in industry. Under Level 2 verification, Ribose is tested against 147 application security controls covering all facets of application security through black box and white box testing, from business logic to cryptography, static analysis to OWASP Top 10 vulnerabilities. This assures that the Ribose platform provides security assurance for significant transactions, including those that process healthcare information, implement business-critical or sensitive functions, or process other sensitive assets.

The third criterion is continual independent monitoring and assessment to ensure the security profile of the service provides assurance to the types of data it handles, including ongoing application security tests, organizational security audits, as well as Kitemark compliance audits and risk assessments.

According to Chris Lewis, Certification Director at BSI, “With a shift towards mobile and cloud computing, information security is increasingly becoming a key differentiator. Many organizations have good information security processes established but to achieve the BSI Kitemark for Secure Digital Transactions, their systems have to be regularly and independently tested with stringent penetration tests and monitoring. For Ribose to be first to achieve the BSI Kitemark for Secure Digital Transactions in the cloud industry, it reinforces their commitment to safeguarding their users’ private information in their secure cloud services.”

Emmanuel Hervé, Vice President of Standards and Professional Services, BSI Asia Pacific, and Managing Director, BSI Hong Kong, remarked, “The BSI name and the BSI Kitemark are recognized as symbols of trust, and we have a strong track record in promoting excellence in cyber and information security. The Kitemark demonstrates Ribose’s commitment to the ongoing security of their cloud application and service. In becoming the first cloud service to achieve the new Kitemark for Secure Digital Transactions certification is proof of Ribose’s pledge to be a pioneer in cloud security.”

Ronald Tse, founder of Ribose, explained, “Our Kitemark certification is a testament to Ribose’s unwavering commitment to providing a secure platform that prioritizes the protection of our customers’ data. Building on our ISO/IEC 27017 cloud security and ISO/IEC 27018 cloud privacy certifications, this Kitemark provides reassurance that our application itself features appropriate protection for highly sensitive information.”

“Ribose’s highest bar approach to cloud security gives users the peace of mind to freely collaborate on mission critical projects, knowing their confidential information is protected to international cloud security standards, and now the BSI Kitemark. All of these certifications stand as testament to the security of the Ribose platform,” Tse concluded.

Although no certification can ever guarantee 100% security, the BSI Kitemark for Secure Digital Transactions ensures a website or app has the appropriate security controls in place for the information it is handling.

About Ribose

Ribose is the award-winning secure cloud collaboration platform trusted by regulated industries and users with heightened security needs. Protecting users’ data with the highest, internationally certified levels of security while keeping work fun, it is the world’s first cloud platform to achieve MTCS (Multi-Tier Cloud Security), the only cloud service provider to be triple assured by the Cloud Security Alliance: CSA STAR Attestation, CSA STAR Certification (Cloud Controls Matrix, CCM 3.0.1) and CSA C-STAR Assessment, as well as the first in the cloud industry to receive BSI’s Kitemark for Secure Digital Transactions for validated application security. Ribose has been consistently awarded the industry's highest cloud security ratings: the highest security tier, Level 3, in MTCS and the highest maturity level, Gold, in STAR Certification.

Ribose has won numerous awards including the CSA APAC Enterprise Award for Security Innovation of the Year, Gold Stevie® Awards at the International Business Awards for Most Innovative Company in Asia, Best New Collaboration Service, Best New Social Business Service, Best New Security Solution, and has been named a Red Herring Top 100 Global company.

Ribose is certified to ISO 9001, ISO 14001, OHSAS 18001, ISO/IEC 20000, ISO 22301, ISO/IEC 27001, ISO/IEC 27017, ISO/IEC 27018, ISO 50001, PAS 99, Cyber Essentials Plus, CDSA Content Protection Security (CPS) and AICPA Service Organization Control (SOC) standards, approved by the UK Government’s G-Cloud program for government use, and certified with the BSI Kitemark for Secure Digital Transactions.

Ribose is free to use: ribose.com.

About BSI

BSI (British Standards Institution) is the business standards company that equips businesses with the necessary solutions to turn standards of best practice into habits of excellence. Formed in 1901, BSI was the world’s first National Standards Body and a founding member of the International Organization for Standardization (ISO). Over a century later it continues to facilitate business improvement and organizational resilience across the globe by helping its clients drive performance, manage risk and grow sustainably through the adoption of international management systems standards, many of which BSI originated. Renowned for its marks of excellence including the consumer recognized BSI Kitemark™, BSI’s influence spans multiple sectors with a particular focus on Aerospace, Automotive, Built Environment, Food, Healthcare and IT. With 80,000 clients in 182 countries, BSI is an organization whose products and services inspire excellence across the globe.

To learn more, please visit www.bsigroup.com

1 PwC, 2016 Information Security Breaches Survey

View source version on businesswire.com: http://www.businesswire.com/news/home/20160925005005/en/

Ribose:
Ronald Tse, +852 3976 3976
[email protected]
https://www.ribose.com
Twitter: @RiboseUS
or
BSI:
Irene Tse, +852 3149 3300
[email protected]
http://www.bsigroup.com
Twitter: @BSI_UK

Source: Ribose

You May Also Be Interested In

• Armenian Political Prisoner Initiates Hunger Strike in Baku, According to Free Armenian Prisoners
• Vaxxinity Issues Shareholder Letter
• Stockholder Alert: Robbins LLP Informs Investors of the Class Action Filed Against Sharecare, Inc. (SHCR)