Security is a Shared Responsibility

By Anonymous -
Keeping your data under tight lock and key takes the combined effort of both our team and yours. We recently introduced a new security page on our website to ensure everyone understands the shared security model when working in the cloud.

Keep reading to learn how, by working together, we can provide better security.

Who’s responsible for what?
While SmartSimple ensures our platform’s security and the protection of your information, we all bear some responsibility for complete security throughout your data’s lifecycle.

We can safeguard the data that you store with us, but we have little control over what happens outside our environment. Therefore, it’s important that you evaluate your own security policies, consider how your users access your system, monitor how the data is used, and maintain the physical security of your own premises and its hardware.

To really understand why security is a shared responsibility, you need to know the difference between two key concepts:

·         Security of the Cloud – Security measures that we, your cloud service provider, implement.
·         Security in the Cloud – Security measures you, our client, implement to safeguard your content and applications.


To make it easy to understand, we’ve created a graphic outlining exactly what each of us is responsible for:
Security requires a systematic approach 
Working together is the optimum method for the security of your organization’s data. By being aware of security best practices and taking appropriate action, we are creating a safe, secure environment for your sensitive data.

SmartSimple is SOC 1 Compliant
We subscribe to a high level of testing, training and compliance measures that ensure SmartSimple meets robust security standards, set by independent third-party auditors. These unbiased auditors certify that we are following regulated guidelines and are meeting our commitments:


We are a Service Organization Control (SOC) 1 compliant Software-as-a-Service company and are currently on target to becoming SOC 2 compliant in 2016.

Need help?
We have several articles on cloud security available on the SmartSimple Wiki.

If you still need more help understanding the shared responsibility model, talk to your organization’s IT team, write us at support@smartsimple.com or call us at 1-866-239-0991. 

Comments

Post a Comment

Popular posts from this blog

Introducing 24/5 Technical Support

By Anonymous -
Image
Real technical support from a real human, at any hour. We’re launching round-the-clock technical support 24 hours a day, 5 days a week. From Sunday at 4pm Eastern Time to Friday 9pm Eastern Time, our clients will have access to live support. GMT: 9 pm Sunday to 2 am Saturday EST: 4 pm Sunday to 9 pm Friday PST: 1 pm Sunday to 6 pm Friday AEST: 8 am Monday to 1 pm Saturday “When you have to burn the midnight oil to get your job done it’s important to know you won’t have to wait till the morning to get answers. You can call us up and talk to a real human being any time of the week, day or night”.   — Mike Reid, Co-Founder of SmartSimple We take support seriously, which is why we’re pioneering this model as the first in our industry. We’re in the empowerment business, and as such, it’s part of our responsibility to help our clients to get the most out of the SmartSimple platform every step of the way. We at SmartSimple take pride in our delivery of excellent service to o
Read more

SmartSimple Attends the Conference Board of Canada’s Corporate Social Responsibility Conference

By Anonymous -
Image
On October 29 th and 30 th , the SmartSimple team took part in the very first Corporate Social Responsibility (CSR) Conference. Hosted by the Conference Board of Canada, the event took place at the Hilton in Toronto, Canada. The theme for this inaugural event was Delivering Meaningful Impact. Sarah Jane Nicholson and David Resnick welcome participants. “We really enjoy attending events like this,” says David Resnick, Director, Strategic Initiatives and Product Placement, “We always appreciate the opportunity to share the power of SmartSimple with organizations looking to easily manage and run their CSR activities. Plus, it’s great to speak to our existing clients and hear about how well SmartSimple is working for them.” Also in attendance from SmartSimple’s Toronto team were Sarah Jane Nicholson, Relationship Manager, and our new Inside Sales Manager, Alvin Thompson. This summit gave participants the chance to learn, explore and discuss best practice strategies for compan
Read more

Dedicated vs. Non-Dedicated Servers – What’s best for me?

By Anonymous -
Image
More and more business today is being done in the cloud. While this offers amazing flexibility and accessibility advantages, everything you use in the cloud still needs to be physically stored somewhere, and that’s the role a server plays in your system. There are two types of servers you can use; a dedicated server or a non-dedicated server. Google's server farm in Douglas County, Iowa What’s the Difference? A non-dedicated server means your server is “hosted” in a shared environment with other, separate organizations.   A dedicated server is your organization’s own server and only contains your data. Why would my organization choose one option over the other? The answer to this question really depends on the classification level of your data, the governance rules of your organization and your country’s data sovereignty laws. That’s really not as complicated as it sounds. Data classification is all about how sensitive your data is and, therefore,
Read more