Quest Software, a global systems management and security software provider, has received ISO certification for its Azure-hosted software-as-a-service (SaaS) platform, Quest On Demand, available within the company’s Microsoft Platform Management business.
Specifically, all available Quest On Demand modules, including On Demand Group Management, On Demand Migration, On Demand Recovery, and the soon-to-be available On Demand Audit, are ISO/IEC 27001:2013, ISO/IEC 27017:2015, and ISO/IEC 27018:2019 certified. These globally recognized certifications ensure organizations have the highest level of cyber security protection for cloud services and personally identifiable information (PII) across public and cloud computing environments.
“We are committed to ensuring our customers have the highest level of security when it comes to protecting personal data stored in public cloud computing environments,” said Brad Kirby, Senior Director, Product Management, Quest Microsoft Platform Management business. “Receiving ISO certification for our On Demand SaaS offerings gives our customers peace of mind that any information stored in the cloud is protected from the most sophisticated cyber security threats.”
The International Standards Organization (ISO) is an independent, non-governmental organization that brings together experts to share knowledge and develop voluntary, consensus-based, market-relevant international standards that support innovation and provide solutions to global challenges. Receiving ISO/IEC 27001:2013, ISO/IEC 27017:2015, and ISO/IEC 27018:2019 certifications confirms that the Quest On Demand SaaS tools successfully passed an independent audit verifying that their development and software engineering methodologies adhere to standards and best practices. Quest partnered with KPMG to conduct the detailed audit and PECB to approve and issue the certifications.
Led by Olivier Le Rudulier, Quest’s Distinguished Engineer and Director of R&D over cyber security, the Quest On Demand portfolio received the following certifications:
ISO/IEC 27001:2013 certification standard specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization and requirements for the assessment and treatment of information security risks tailored to the needs of the organization.
ISO/IEC 27017:2015 certification standard gives guidelines for information security controls applicable to the provision and use of cloud services.
ISO/IEC 27018:2019 certification is a code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors. This standard, particularly important as organizations must comply with GDPR and other compliance regulations, establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect Personally Identifiable Information (PII) in line with the privacy principles in ISO/IEC 29100 for the public cloud computing environment.