By Michael Langer-Monsalve, Director of Technology
The center of every successful relationship is trust. This is not different when it comes to a cloud SaaS application. There can only be trust if each party follows best practices and is compliant with industry standards. Since we don’t have control over our providers, we need to be sure that our third-party providers also keep up to our security and quality standards.
When it comes to B2B SaaS applications, as it is the case of CAS from C4T, our customers, require us to also be compliant with security and quality standards. For a small or mid-size company, having its datacenter SOC (Service Organisation Controls) and ISO (International Organisation for Standardisation) audited is not only very costly but also time-consuming. There, having access to a cloud infrastructure that is compliant and regularly audited comes very handy. One of the virtues of working with Azure is the fact that the datacentres and the services offered by Azure are compliance-ready and are regularly certified by independent entities.
Fortunately, there are a set of industry compliance standards that we can use to ensure that our suppliers can provide high-quality solutions. Almost any modern cloud infrastructure provider, like AWS or Azure, have audit reports available to their customers. In the case of Azure, they offer more than 90 different compliance audits, e.g. SOC 1,2,3, PCI DSS, ISO 27001, etc. The list of compliance audits is very extensive.
What does this mean for an SME like C4T that runs all its infrastructure on Azure? We can ensure to our customers that we are running our applications on a secure and performant infrastructure that is compliant with industry standards. The time saving for our DevOps, IT management and Information Security team is enormous since Microsoft Azure is taking care of guaranteeing compliance and performing audits. What also translates in a more cost-effective running of our infrastructure and services.
This article is part of a series of articles where we’ll show you how we are transforming our business. Keep an eye on our Inspire blog to learn more about topics such as how the cloud is changing technology design, where your data resides effects data security, and how important timing is when setting up a (start-up) solution.