Sicherheit und Compliance in der Cloud

The Unblu Financial Cloud offers a 99.75% committed SLA. As opposed to offering a Service-level Objective (SLO) or a Service-level Target(SLT), a SLA legally commits our organisation to reaching this target and provides assurance to our clients on the robustness of our cloud setup.

For Google Cloud Platform, regional failures are characterized as the failure of all 3 data centers in a given region. In this case, the cluster running the Unblu application can be restored in a different region within 3 days with an RPO of 24h. The “backup” region can be selected by the client in order to comply with geofencing requirements.

The Unblu Swiss Sovereign Cloud based on OTC is a managed service hosted by T-Systems Schweiz AG. All physical services are run in the T-System Schweiz AG data centers in Switzerland in two different locations: Zollikofen and Bern.

Our Cloud Service runs on a 24/7 support model.

By default, the Unblu Financial Cloud is available in Datacenters located in Europe, North America, and APAC.

Unblu has implemented a zero-trust architecture, and advanced data protection controls. Our infrastructure can only be accessed via managed and specially hardened endpoint devices that require triple authentication.

Employees working on cloud operations are background screened on a yearly basis by a third-party provider.

Unblu has implemented robust Disaster Recovery strategies with dedicated runbooks.

Data in the Unblu database and on the file system is AES256-encrypted at rest. In transit we enforce minimum TLS 1.2.

Cloud operations employees can only use specially hardened and controlled endpoint devices for managing the Cloud, therefore access to the Cloud operations layer is limited and fully controlled.

Our Cloud setup is pen-tested yearly by an independent organization.

ISO 27001 is the international standard for information security, requiring organizations to identify, assess, and mitigate security risks through a structured framework. Unblu is ISO 27001 certified for application operation and provisioning of cloud-based software services, ensuring that our cloud offerings meet stringent information security requirements.

Our SOC 2 Type 2 audit report delivers detailed evidence on the applied control criteria to establish trust in our management and operational processes. With it, clients can understand how we protect their data and their customer data. This certification applies to our Google Cloud Platform and Swiss Open Telekom Cloud deployments, demonstrating our commitment to safeguarding client data and maintaining operational transparency.

In addition to Unblu certifications & audits, we rely on the secure underlying platforms and certifications maintained by our cloud hosting partners. More information on the GCP Certifications can be found at Cloud Compliance & Regulations Resource.

Officially certified as “IBM Cloud for Financial Services Validated”, Unblu is also available on the IBM FS Cloud. Our robust platform has successfully undergone a rigorous security and compliance review, certifying that Unblu adheres to the industry’s most stringent standards. This validation ensures the utilization of the highest levels of encryption certification, delivering preventive and compensatory controls specifically designed for financial services regulatory workloads. With multi-architecture support and proactive, automated security measures, Unblu on IBM Financial Services Cloud provides an unparalleled level of protection for your sensitive data.

Check our registration record held with IRQAO for our ISO 27 001 certification.