AIS Cloud Security & Compliance
AIS focuses on safeguarding cyber security, whether through investing in security technology, improving processes, and capacity building, as well as strictly adhering to relevant security and legal measures to mitigate risks and impacts on business operations and customer service. Simultaneously, it can create additional value by providing enhanced cybersecurity services to individual and corporate customers.
Cybersecurity
AIS is one of the organizations identified as Critical Information Infrastructure (CII). We have established practices for managing testing and monitoring to maintain cybersecurity. This includes consistently developing and updating policies and practices to align with international standards and relevant regulations.
Cybersecurity Framework of the National Institute of Standards and Technology (NIST)
AIS has integrated the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework into the strategic planning and design of its cybersecurity system. This ensures that the processes for preventing, detecting, and responding to cyber threats are not only timely but also systematic. Furthermore, AIS aims to incorporate other relevant guidelines and international standards into our cloud and data center system and process development, aiming to elevate the effectiveness of IT defense and personal data protection.
Computer Security Incident Handling Guide by National Institute of Standards and Technology
Cybersecurity Operation Center (CSOC)
AIS operates a 24/7 Cyber Security Operation Center (CSOC) to continuously monitor and respond to potential cybersecurity threats within the organization. The CSOC utilizes User Entity Behavior Analysis (UEBA) to log data from various devices and provide real-time anomaly detection alerts. This approach significantly enhances AIS’s capability to detect and evaluate potential risks, ensuring timely and efficient responses to cybersecurity incidents. AIS’ CSOC is certified under the ISO 27001 Information Security Management System. This certification currently encompasses key service scopes, including Incident Response as a Service and CSOC Monitor as a Service. This ensures enterprise customers gain the highest level of confidence in our Cloud & Data Center security, aligned with international standards
Cyber Threat Response Procedure
In case of data breach : Data Protection Office is notified to trigger Data Breach Response Procedure
Data Privacy Protection
AIS develops the data privacy protection policy and guidelines applicable to the entire Company and all its affiliates to ensure that our cloud service and data center operations align with the legal framework and relevant regulations.
AIS is committed to strong Cybersecurity and Data Privacy management through a well-defined governance structure, overseen by dedicated committees and specialized teams. This ensures that every aspect of our Cloud amd Data Center services upholds the highest standards of security and protection.
AIS Cloud Shared Responsibility Model
In using cloud services, security is a shared responsibility between the customer and AIS. To ensure your workloads run securely on AIS Cloud infrastructure, customers must recognize their own responsibilities for security and compliance. AIS will safeguard the security of the cloud infrastructure and operations, while each customer organization is responsible for defining its own data protection and security practices within the organization.
Cloud customers can access detailed documentation on roles and responsibilities when activating AIS Cloud services, ensuring clarity on security practices and compliance requirements
AIS Cloud & Data center has received various certifications, demonstrating its commitment to attain and uphold the highest personal data protection standards as follows:
© 2024 Advanced Info Service PLC. All rights reserved.