Digital experience company Acquia has successfully completed an Infosec Registered Assessors Program (IRAP) assessment. The assessment confirms that Acquia Drupal Cloud has achieved the Australian government security status of “Protected” on selected deployments. The IRAP assessment, which was conducted by a certified third-party, ensures cloud services are secured with automated and comprehensive security controls for authorised use by the Australian government.
Based on open-source Drupal, Drupal Cloud allows organisations to quickly and securely assemble and deploy digital experiences. This includes websites, portals, microsites and mobile apps. Australian government agencies can now deploy the version of Drupal Cloud which best matches their requirements. This includes leveraging scalability, elasticity and data sharing for near-instant, secure and governed access to their entire network of data.
Opening up public sector opportunities
Steven Hayes, Acquia’s General Manager, Asia Pacific and Japan, said the completion of the IRAP assessment enables Acquia to work closely with all Australian government agencies. This includes on their website implementations and hosting projects, while ensuring even greater security. “Meeting IRAP compliance at the ‘Protected’ level signifies Acquia’s continued investment in our security posture. As well as the region and public sector,” says Hayes.
“We look forward to working with Australian government departments and assisting them with their Drupal Cloud requirements.”
Australian government agencies can now purchase Drupal Cloud via the AWS Marketplace. This provides substantial savings for agencies already using AWS to reduce paperwork and streamline the RFP process. Any purchase of Drupal Cloud via AWS Marketplace will apply toward each agency’s cloud usage benefits.
Drupal steward programme
Acquia is a founding member of the Drupal Steward Programme. A web application firewall introduced by the Drupal Association and operated with the Drupal Security team. Acquia has implemented Drupal Steward protection across the entire Drupal Cloud platform. This provides seamless, immediate protection to customers by blocking malicious requests. It gives their IT teams time to test and implement security updates on their own timelines.
Globally, Acquia’s solutions and cloud platform technology in recent years have also achieved the following security levels. FedRAMP, ISO27001, SERVICE ORGANIZATION CONTROL (SOC 2) TYPE II, Federal Education Records Privacy Act (FERPA), HIPAA and PCI-DSS. Now IRAP accreditation has been added.
Enterprise Times: What this means for business.
Infosec is one of the most rigorous accreditations processes any technology company can undertake. Accreditation separates an information security expert from their competition and awards them a badge of credibility.
Congratulations are due to Acquia for gaining its Infosec badge in Australia, which opens its platforms to new public sector opportunities in the country. This is particularly significant considering the composable nature of its architect.
Earlier in the year, Acquia updated its Open Digital Experience Platform (DXP). The updates were designed to help marketers and developers architect the composable enterprise. Adding third party components into any architecture introduces security risk. Therefore having the Infosec seal of approval will only enhance Acquia’s ability to win public sector contracts in Australia.