Certifications
| Certification | Region | Details |
|---|---|---|
| PCI DSS v3.2.1 | nz-hlz-1 (physical security) | Available upon request |
| PCI DSS v4 | nz-por-1 & nz_wlg_2 (physical security) | Certificate below |
| ISO 27001:2013 | nz-hlz-1 (physical security) | Available upon request |
| ISO 27001:2013 | Catalyst Cloud Ltd, including all regions | Certificate below |
| ISO 27017:2015 | Catalyst Cloud Ltd, including all regions | Certificate below |
New Zealand Government
Catalyst is the first cloud provider to address NZ Government requirements for cloud security.
The Government Chief Information Officer (GCIO) provides guidance to New Zealand Government agencies on how to assess the information security and privacy risks of cloud computing. Catalyst has published a document that addresses the security and privacy risks outlined by GCIO, providing clarity and confidence to agencies to migrate or develop new systems using the Catalyst Cloud.
Cloud Code of Practice
The CloudCode was developed by the New Zealand Cloud Computing industry, facilitated by the Institute of IT Professionals NZ and ensures that:
- Service providers will not call a service "Cloud Computing" unless it really is; and
- Service providers will disclose important details about their Cloud products and services, enabling customers to make informed decisions about the use of the services.
Catalyst is a signatory of the CloudCode and discloses information about the Catalyst Cloud as required.
DDoS Mitigation
The following paper describes some of the controls in place to mitigate the risk of DDoS attacks and provide additional information on what you can do to further protect your cloud applications.