GoodData Cloud Security and Compliance
GoodData Cloud is a cloud-native solution incorporating robust data security and protection across all layers. Owing to the flexibility in deployment options, you can select a model that best aligns with your security and compliance requirements. However, as with all cloud-based solutions, it’s essential to remember that information security is a shared responsibility.
Adherence to Security and Compliance Standards
GoodData Cloud supports the following compliance standards and certifications by default:
- Service Organization Control (SOC2)
- International Organization for Standardization (ISO) 27001/27002 Compliance
- EU and UK General Data Protection Regulation (GDPR)
- California Consumer Privacy Act (CCPA)
- Family Educational Rights and Privacy Act (FERPA)
- Gramm-Leach-Bliley Act (GLBA)
- U.S. Health Insurance Portability and Accountability Act (HIPAA)*
* HIPAA is not supported by default, see HIPAA Add-On.
If you require a certification that is not yet supported:
- Talk to our sales team to discuss whether this certification can be added to the GoodData Cloud service.
- Consider using our on-premise solution, with which you can achieve certification independently of GoodData.
Business Continuity and Disaster Recovery
As a modern cloud native product, GoodData Cloud is built in a way that allows for out of the box high availability and supports automated means to implement business continuity and disaster recovery.
Our business continuity practices are aligned with the international standard for Business Continuity Management Systems (BCMS) ISO 22301.
GoodData Cloud is built to handle a range of availability issues, even up to a complete loss of one or more data centers in a given AWS region. If your customer standards necessitate further measures, adjustments can be made.