Catalyst Cloud attains leading international information security certification

31 March, 2022

At Catalyst Cloud, protecting our customers' data is our top priority. That’s why we are delighted to share that we have attained two ‘gold standard’ information security ISO certifications, ISO 27001 and ISO 27017.


Attaining these leading international standards demonstrates our ongoing commitment to data security and governance around how information is handled. The ISO 27001 standard focuses on information security through the adoption of an Information Security Management System. ISO 27017 is an extension to ISO 27001, specifically for cloud service providers and their customers, that provides a code of practice outlining additional information security controls.

Although data security and compliance at Catalyst Cloud have always been non-negotiable, the two-year certification process allowed us to undertake a thorough risk assessment of the business as a whole. This included identifying any risks and then implementing new processes and controls to mitigate these risks to an acceptable level.

These ISO certifications cover the information security management of Catalyst Cloud's entire business – from design, development and maintenance of our applications to our complete suite of services and infrastructure, including our three local data centres. This means you can enjoy business as usual, with added peace of mind that your data, and your customer’s data, is securely safeguarded.

Plus, as New Zealand’s only locally owned and operated cloud provider, our data sovereignty policy ensures that all our clients’ data stays safely in Aotearoa, protected by New Zealand law and data privacy regulations. This means there is no risk of unauthorised access of your data by overseas authorities – as there is with cloud providers abroad.

Being certified enables partners and customers to use our cloud more easily and demonstrates to their own clients that information under Catalyst Cloud’s custodianship is actively managed, and securely protected, in accordance with the requirements of a widely accepted framework.

“The ISO certification process required diligent work over a lengthy time by our dedicated team, and we are proud and grateful to have attained this international ‘gold standard’. Along with our recent All of Government Cloud Framework Agreement announcement, our ISO certifications provide that additional assurance to all our customers, including government agencies, of our commitment and ability to protect their customers’ data,” says Andrew Ruthven, Catalyst Cloud’s Chief Information Security Officer.

Catalyst Cloud welcomes the opportunity to support customers and partners to attain their own ISO 27001 certification to further protect their data. Talk to Us today for more information on how we can help you.

About Catalyst Cloud

Catalyst Cloud is Aotearoa New Zealand’s cloud provider. With offices in Wellington and Auckland, Catalyst Cloud has been providing cloud infrastructure and platform services at international standards since 2014 and became an independent company within the Catalyst IT group in August 2017.

As a New Zealand owned and operated business, all our clients’ data stays safely in Aotearoa, protected by New Zealand law and data privacy regulations. Catalyst Cloud provides open technologies, like OpenStack and Kubernetes, so clients are never locked in.

Catalyst Cloud is dedicated to growing the digital economy in Aotearoa, with every dollar spent on our cloud solutions driving local innovation, talent and growth.

Follow us on LinkedIn