NAVER CLOUD PLATFORM

NAVER Cloud Platform Security Center

It is a place that provides security related information customers' safe use of the cloud services.

  • Security competitiveness of NAVER Cloud Platform

    NAVER Cloud Platform provides differentiated security services based on safety and reliability to help its customers focus on their business.
    NAVER Cloud Platform treats the protection of customer information as a top priority, and all of the services provided have been designed in consideration of security from the most basic physical level.
    Top-level security experts with various experience and know-how on global security threats are constantly striving to provide secure cloud services.

    Possession of various domestic and international security certifications

    NAVER Cloud Platform was first in Korea to acquire CSA STAR Gold level and MTCS Level 3, and its stability has been validated through the possession of various security-related certifications inside and outside of Korea that can be acquired through accredited certificate authorities, such as CSAP, ISMS-P, ISO/IEC, SOC, and PCI DSS. In addition, it actively makes investments for continued acquisition and maintenance of various security certifications.

    Protection of customer data and personal information

    NAVER Cloud Platform thoroughly complies with all relevant laws and international standards related to the protection of personal information inside and outside of Korea, such as the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.
    It also provides various security services that directly protects customer data, enabling users to safely control and protect their own data.

    Customized compliance support for each industry

    NAVER Cloud Platform provides specialized compliance support services for various industries including public, financial, medical, game, education, media, and shopping. This enables customers to comply with compliance in cloud environments without major difficulties.
    The dedicated compliance response team supports customers' change management in the fastest way when security regulations inside and outside of Korea change.

    Provision of various native security services

    NAVER Cloud Platform provides various security services to implement a strong security system by hierarchically protecting customer data, accounts, applications, networks, and endpoints.
    It constantly strives to provide world-class security services to safely protect customers' resources from security threats.

    Provision of resources for security enhancement

    NAVER Cloud Platform provides various materials such as security architecture info, white papers, and guides, to enhance and inspect customers' cloud environments.
    Through these materials, it supports customers to directly configure an optimal cloud security environment by compensating for security vulnerabilities from account management to resource and data protection, and auditing in the cloud environment.

  • NAVER Cloud Platform's security service map

    NAVER Cloud Platform provides security services in a total of eight areas to help customers effectively configure security system for cloud environments: threat detection and response, data protection, transmission section encryption, vulnerability management, access control, audit logging, compliance, and user authentication.

    serviceMap

    Threat detection and response

    The Security Monitoring product in the threat detection and response area is a managed service that provides a variety of features, such as anti-DDoS, IDS, IPS, WAF, and anti-virus, and safely protects the service 24/7 in real time through professional personnel. Moreover, it detects and responds to security threats on mobile applications, websites, and files.


    Data protection

    The products in the data protection area provides features to manage encryption/decryption keys and securely protect certificates to be used in linked services.


    Transmission section encryption (private connectivity)

    The products in the transmission section encryption area are services that help you safely access the resources created on the NAVER Cloud Platform.


    Vulnerability management

    The products in the vulnerability area are the services that easily diagnose vulnerabilities in web, app, server operating systems, and WAS systems, and provide security guidelines.


    Access control

    The products in the access control area are the services that provide a similar role to firewalls in the on-premise environment.


    Audit logging

    The products in the audit logging area are the services that provide integrated management of cloud environment resources, resource modification, and deletion logs, as well as the recommended guidelines for safe use of cloud.


    Compliance

    The products in the compliance area of are the services that provide easy-to-understand guides for customers to conform with security certifications or regulations.


    User authentication

    The Sub Account product in the user authentication area is a role-based permission management service. You can register internal users as sub accounts and grant permissions to specific services.

  • Shared responsibility on cloud

    The global-level cloud security service provided by NAVER Cloud Platform begins with understanding NAVER Cloud Platform's shared responsibility on cloud.
    Shared responsibility on cloud means that the cloud service provider and the customer fulfill their responsibilities together,
    dividing their respective roles to safely protect the customer's resources configured on the cloud.
    To achieve this, NAVER Cloud Platform is committing its best efforts to fulfilling its responsibilities as a cloud service provider,
    and also provides various security services that can effectively protect the areas responsible by the customer.

    Tenant
    NAVER Cloud Platform
    Cloud LayerService Models
    IaaSPaaSSaaS
    Data
    Interfaces(APIs, GUIs)
    Applications
    Solution Stack(Programming languages)
    Operation Systems(OS)
    Virtual Machines
    Hypervisors
    Processing and Memory
    Data Storage(hard drivers, removable disks, backups, etc.)
    Network(Interfaces and devices, communications infrastructure)
    Physical facilities / data centers