Privacy, Security & Compliance
Working with RedShield means working with a vetted, secure partner trusted by government agencies, financial institutions, and healthcare providers across the globe.
Certificates, Audits & Self-Assessments
ISO/IEC 27001:2013
This internationally acknowledged standard specifies security management best practices, comprehensive security controls, and defines best practice guidance.
The basis of the certification is development, implementation, and management of an overarching security program, which includes development and implementation of an Information Security Management System (ISMS).
The operation and maintenance of systems, assets, and processes utilized to deliver RedShield's services are certified as compliant to ISO/IEC 27001:2013.
PCI DSS
The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard administered by the PCI Security Standards Council, which was founded by American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc.
RedShield’s core operations and services operating from Auckland, Melbourne, and Sydney Data Centers are certified to PCI DSS v3.2.1, as applicable to a Level 1 Service Provider. We have a further program of work that will also see all other Data Centers certified to the same standard.
- RedShield's risk management program is compliant to the requirements of ISO/IEC 27001:2013, PCI-DSS, and NZISM and provides us with a rigorous framework of security controls
- The operation and maintenance of systems, assets, and processes utilized to deliver RedShield's services are certified to ISO/IEC 27001:2013
- RedShield's core operations and services certified to PCI DSS v4.0
Compliance & Regulations
Cloud Security Alliance (CSA) STAR Program Type 1
The CSA's Security Trust Assurance and Risk (STAR) Program encompasses key principles of transparency, rigorous auditing, and cloud security and privacy best practices.
RedShield has achieved STAR Level 1 status having completed the CSA Consensus Assessments Initiative Questionnaire (CAIQ). View STAR Registry Listing.
New Zealand Information Security Manual (NZISM)
As part of RedShield's commitment to the NZ Government's Telecommunications as a Service (TaaS) framework, we have completed a full certification audit against the requirements of the New Zealand Information Security Manual (NZISM).
Privacy and security policy
The RedShield Privacy and Security Policy details the general policy and practices for the types of information that RedShield gathers, how we use that information, and the options that our users have regarding our use of, and ability to correct, such information.
Modern Slavery Act
RedShield Security Limited recognize that although slavery, servitude, forced labour and human trafficking (‘Modern Slavery’) is illegal it remains a global issue.
We recognize that all businesses have a responsibility to discover and counter instances where modern slavery and human trafficking is taking place within their businesses and supply chains. This is a responsibility RedShield takes seriously and we prohibit human trafficking and the use of involuntary labor in any aspect of our business. Read our statement on the Modern Slavery Act.
Security questions or issues?
If you believe you have found a security vulnerability within the RedShield web domain, please let us know. We will investigate all reports and act quickly to fix valid issues.