The latest and greatest from Sungard AS



Cloud Security

Double accreditations for Sungard AS’s cloud offering

8th August 2014

Security and resilience are both critical considerations in the choice of a cloud provider. We were therefore delighted when our Enterprise Cloud Services were awarded two high profile industry accreditations: IL3 and PCI-DSS.

Setting us apart from the rest
Sungard AS is now ‘Pan Government Accredited’ up to what is termed Official-Sensitive (previously known as IL3 Restricted) level to provide secure cloud services to UK central and local government departments. Services will be offered via the online marketplace known as the G-cloud Store.

This official recognition differentiates us from competitor services as we can now offer highly secure, low cost cloud services capable of hosting restricted UK government data. In fact, there are currently only three other service providers who have achieved this authorisation level for IaaS (Infrastructure as a Service) and PaaS (Platform as a Service) offerings.

Our secure, agile cloud services will be accessible to UK government customers across the Public Services Network (PSN). This is the trusted shared infrastructure that connects increasing numbers of organisations delivering public services to each other and to cloud-based and hosted services. Peace of mind is assured, knowing that Sungard AS’s processes are underpinned by ITILv3, ISO 20000 and ISO 27001 certification.

Further proof of our cloud security
Sungard AS is one of the only cloud providers to have been rated compliant with the Payment Card Industry Data Security Standards (PCI-DSS). A secure cloud is critically important to customers who accept credit card payments within a virtualised environment.

As recent data breaches involving major US retailers have shown, PCI-DSS compliance is no guarantee of data security but it’s a very important starting point. Card issuers can fine non-compliant firms suffering a data breach for the loss of their data. The latter may also be liable for the fraud losses as well as the operational costs incurred. On top of this, there’s the reputational damage and loss of customer goodwill.

Complying with the Standard is challenging for all organisations doing business in the cloud; although they’re responsible for meeting PCI-DSS requirements they have no access to the shared software infrastructure underlying their hosted cloud. Our scope as a cloud services provider has therefore had to expand beyond compliance at the hardware level and involved many Sungard AS teams across multiple geographies.

To discuss how our cloud services could benefit your organisation, or to discuss how PCI-DSS affects you, call 0800 143 413 or email