Compliance and security are huge challenges when building a cloud platform for customers who process privacy-sensitive data. Hyfen's compliant cloud is intended for the highly regulated market of financial services. During development, we encountered issues related to ownership, access and security of data, control and security of the platform, and much more.

 

Global concerns about the security of cloud services have led to a myriad of laws, standards and regulations. There are European, national and regional regulations, which overlap to varying degrees. How do you build a cloud that complies with all those rules? And to what extent does that compliance limit the flexibility and value of your services?

 

We built the entire infrastructure ourselves. The entire platform conforms to ISAE 3402 type II and SOC 2 type II assurance standars. In addition, it complies with many other essential laws and regulations, such as the AVG, PSD2 and DORA.

Hyfen, for example, also complies with the procurement guidelines and the cloud risk assessment of National Banks and regulators. The privacy risk analyses and measures on the platform apply to organizations in multiple sectors, such as the pension sector, banks and insurers.

​​

With our cloud solutions for regulated markets, we take a lot of work off our customers' hands. The cloud is managed by experts who are aware of every new rule and development. And do you decide to create or move your own cloud? You can lift your service and the associated structures and architecture from our platform and take it with you. In this way we relieve everyone who wants to digitize further, from start-ups to large companies.

​