NAVER Cloud, the First Among Korean Cloud Providers to Receive MTCS Certification
NAVER Cloud, the First Among Korean Cloud Providers to Receive MTCS Certification
NAVER Cloud, the First Among Korean Cloud Providers to Receive MTCS Certification
- First Korean company to receive MTCS Tier-3 cloud security certification, boosting its expansion into the global public cloud market
- MTCS certification to allow for the waiving of Korean financial cloud safety evaluation audits for basic security controls providing the greater potential to attract financial customers
2021-07-26
NAVER Cloud announced today that it has received a Multi-Tier Cloud Security (MTCS) certification, a Singapore standard for cloud security—the first among Korean cloud providers. MTCS is a prerequisite for participating in public tenders in Singapore, allowing NAVER Cloud to expand its opportunities beyond Korea and enter the global public cloud market.
MTCS is a cloud security certification managed by the Infocomm Media Development Authority (IMDA) of Singapore and developed by the Information Technology Standards Committee (ITSC) of Singapore. The MTCS Singapore Standard (SS 584:2015) is the world's first cloud security standard that covers multiple layers of cloud security, based on recognized international standards such as ISO/IEC 27001. This standard assesses public cloud safety and security in 19 areas of 117 control objectives and is divided into three tiers with increasing security requirements.
Despite undergoing its first MTCS evaluation, NAVER Cloud received the Tier-3 certification — the highest level of cloud security provided by the standard. This reflects NAVER Cloud’s maturity and capability to safely protect customers’ key information systems and important data. With many global companies headquartered in Singapore and MTCS being the world’s first standard for multi-tier cloud security, most public cloud providers in the Asia Pacific (APAC) region highlight their certifications as an important selection criterion. As this certification effectively proves the security and safety of NAVER Cloud, it will lead to further development of business opportunities in APAC, including in Singapore, while narrowing the gap between major global cloud service providers (CSP) and distinctly differentiating itself from domestic CSPs.
Furthermore, with its MTCS certification, NAVER Cloud expects to solidify its position in the domestic financial cloud business. Korean financial authorities evaluate cloud services for 109 basic control areas for public cloud providers, with additional 32 standards specifically required for the financial sector. Audits for basic protection controls may be waived if the cloud provider has a Cloud Security Assurance Program (CSAP) certification awarded by the Korean Ministry of Science and Information Technology and an internationally recognized certification such as MTCS, CSA STAR, and FedRAMP. NAVER Cloud has already received domestic CSAP and global CSA STAR certifications and is thus not required to undergo audit for basic security controls, further demonstrating its MTCS certification as a testament to its safety and security.
Financial companies closely evaluate cloud services when considering adopting them for their core systems. Although the aforementioned certifications may be grounds for waiving evaluation, having multiple domestic or global certifications instill greater confidence among financial institutions as each standard covers different basic protection controls—increasing the credibility of the cloud service.
NAVER Cloud had already been CSAP-certified to provide secure public and financial cloud services. And by obtaining MTCS Tier-3, NAVER Cloud now only further proves its high level of security and strengthens its credibility to public and financial institutions considering public cloud adoption.
Mr. Choi Won-hyuk, executive director and chief product officer of NAVER Cloud, said, “The MTCS certification is very meaningful as it has once again proved NAVER Cloud’s strengths in technology and security systems globally. By addressing security concerns in domestic and foreign public and financial sectors, we will further solidify our position as a strong and trusted cloud service provider.”
-END-