GoodData Takes Leadership Role in Cloud Security Compliance
Company adopts global security standards while ensuring transparency with customers
San Francisco, November 1, 2017 — As May 2018 draws near and compliance with the EU’s General Data Protection Regulation (GDPR) comes closer to being required for processing personal data of European residents, companies must establish standards to ensure protection of this personal data. GoodDataⓇ, whose cloud-based platform enables organizations to provide data-driven insights and automation at the point of work, is taking a leadership role in complying with a broad array of global security standards, including GDPR, and in ensuring data privacy compliance transparency with its clients.
Well known as an early adopter of global security and privacy regulations, GoodData has worked with governments and organizations in the United States, the European Union, and around the world to align with their missions to protect both consumer and business data in the ever-growing cloud.
While use of cloud-based services has become more prevalent in recent years, some enterprises are still uncertain about how cloud service companies manage the security aspect. “Some organizations feel that on-premise solutions are more secure,” explains GoodData Director of Security and Compliance Tomáš Honzák, “because they can physically see the servers and the measures for protecting them. But this is a flawed perspective. In reality, not only do cloud vendors typically have more secure infrastructures, but they assign a much higher priority to protecting data than do most internal IT teams.”
“At GoodData, we know that if customers are going to trust us with their information,” continues Honzák, “we have to show them that we’re serious about security, and we walk them through the steps we’re taking to ensure that their assets are protected.”
As a global end-to-end insights distribution platform, GoodData has been an early adopter of numerous security standards, including
- GDPR: The European Union’s standards for consumer data privacy, scheduled to go into effect on May 25, 2018. GoodData is currently ahead of schedule in complying with GDPR and anticipates full compliance ahead of the deadline;
- HIPAA: GoodData provides a HIPAA compliant environment for safeguarding personal medical information as set forth in the United States’ Health Insurance Portability and Accountability Act of 1996;
- SOC 2, Type II Report: GoodData annually commissions an audit and a report focused on non-financial reporting systems and controls as they relate to security, availability, processing integrity, confidentiality, and privacy;
- EU-US and Swiss-US Privacy Shield: GoodData annually certifies its compliance with these personal data transfer mechanisms based on certain “Privacy Shield” principles governing participating organizations’ use and treatment of personal data; and
- ISO 27001: The International Organization for Standardization’s certification focused on information security management systems. GoodData is targeting its compliance by the end of 2017.
Honzák points out that complying with standards and achieving certifications is only one part of GoodData’s commitment to security. “No system exists in isolation,” he explains. “GoodData is one element in a huge global chain that also encompasses our service providers, our customers, and their customers. If we are to work together on the mission of data security, transparency is vital.”
GoodData routinely conducts thorough conversations with each customer about its security policies and about how data is handled in the platform. “We’re making sure our customers understand how seriously we take security and the approach we’re taking,” says Honzák. “We’re very frank about the internal and external risks that they need to be aware of, and we show them the multiple layers of security that work together to protect their data within our platform.”
While no company can guarantee 100 percent security, GoodData has made the decision to go above and beyond what is required by law and assume a leadership role in cloud security compliance. “Complying with global standards — including those that are not specifically required — and working with our service providers,” notes Honzák, “places us in an ideal position to educate our customers on both the risks and the solutions, so that we can all work together to keep data safe and secure.”
GoodData is on a mission to break data silos. Flexible, open, secure, and scalable, GoodData’s leading data and analytics platform provides standardized metrics and real-time analytics across organizations and to their customers. To this day, GoodData has helped more than 140,000 of the world’s top businesses deliver on their analytics goals and scale their use cases — from self-service and embeddable analytics to machine learning and IoT.
GoodData is headquartered in San Francisco and is backed by Andreessen Horowitz, General Catalyst Partners, Intel Capital, TOTVS, and others. For more information, visit GoodData's website, and follow GoodData on LinkedIn, YouTube, Medium and Twitter.
Senior Director, Demand Generation