Last Reviewed: July 2025
Next Review Due: July 2026
Cloud Security and Data Privacy Alignment for RELIANOID Platform and Organization
RELIANOID is aligned with the principles of both ISO/IEC 27017 (Cloud-specific security controls) and ISO/IEC 27018 (Protection of personal data in cloud environments). These standards guide our development, deployment, and operational practices for both our RELIANOID Load Balancer and our organization-wide processes.
While RELIANOID is not officially certified under ISO/IEC 27017 or 27018, we have implemented the relevant controls and mapped them across our cloud architectures, internal policies, and customer-facing operations—supporting regulated industries such as finance, healthcare, public sector, and enterprise infrastructure.
We provide clear guidance and documentation for clients to understand the shared responsibility model, particularly in cloud deployments. RELIANOID enables clients to control configurations, access, and audit trails.
Our platform includes native Role-Based Access Control (RBAC), LDAP and SSO integrations, and supports MFA enforcement for privileged operations.
Pre-configured secure deployment templates are available for public, private, and hybrid cloud. Default configurations disable unused ports, enforce TLS 1.3, and use hardened OS images based on Debian Bookworm.
Internal governance ensures RELIANOID personnel follow secure cloud usage policies, including account separation, monitoring, and least-privilege access across all environments.
For multi-tenant use cases, strict data segregation and network segmentation are enforced using namespaces and encrypted channels, aligned with 27017 controls for customer separation.
RELIANOID Load Balancer does not collect PII by default, but if client configurations involve PII processing (e.g., in cloud logs or metadata), we ensure:
Clients retain full ownership and control over data processed via RELIANOID. No customer data is repurposed for analytics, marketing, or profiling.
Detailed audit logs are available for client actions and administrative events. Logs can be forwarded to client SIEMs or centralized logging services for compliance tracking.
Any subprocessors engaged (e.g., for managed support or infrastructure) are contractually bound to confidentiality and data protection obligations under GDPR and ISO/IEC 27018-equivalent terms.
All RELIANOID staff complete mandatory annual security awareness training, with targeted modules on cloud security, data privacy, and regulated industry expectations.
RELIANOID maintains formal, tested incident response procedures. Clients are notified in a timely manner per our DPA and service terms.
Vendors and subprocessors undergo pre-contract assessments, and we maintain a reviewed inventory with documented SLAs and security reviews.
Ongoing internal scans, configuration reviews, and posture benchmarking ensure that our cloud deployments remain compliant with evolving 27017/27018 recommendations.
We continue to enhance our security alignment with ISO/IEC 27017 and 27018 through:
RELIANOID supports clients operating in regulated sectors with:
| Date | Comment |
| --- | --- |
| 10th July 2025 | Initial publication of 27017 & 27018 alignment statement |
We invite inquiries for detailed compliance documentation, technical mappings, and assistance in integrating RELIANOID within ISO-aligned infrastructures.