NAVER Cloud Platform Security Center

It is a place that provides security related information customers' safe use of the cloud services.

  • Security competitiveness of NAVER Cloud Platform

    NAVER Cloud Platform provides differentiated security services based on safety and reliability to help its customers focus on their business.
    NAVER Cloud Platform treats the protection of customer information as a top priority, and all of the services provided have been designed in consideration of security from the most basic physical level.
    Top-level security experts with various experience and know-how on global security threats are constantly striving to provide secure cloud services.

    Possession of various domestic and international security certifications

    NAVER Cloud Platform was first in Korea to acquire CSA STAR Gold level and MTCS Level 3, and its stability has been validated through the possession of various security-related certifications inside and outside of Korea that can be acquired through accredited certificate authorities, such as CSAP, ISMS-P, ISO/IEC, SOC, and PCI DSS. In addition, it actively makes investments for continued acquisition and maintenance of various security certifications.

    Learn More

    Protection of customer data and personal information

    NAVER Cloud Platform thoroughly complies with all relevant laws and international standards related to the protection of personal information inside and outside of Korea, such as the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.
    It also provides various security services that directly protects customer data, enabling users to safely control and protect their own data.

    Learn More

    Customized compliance support for each industry

    NAVER Cloud Platform provides specialized compliance support services for various industries including public, financial, medical, game, education, media, and shopping. This enables customers to comply with compliance in cloud environments without major difficulties.
    The dedicated compliance response team supports customers' change management in the fastest way when security regulations inside and outside of Korea change.

    Learn More

    Provision of architecture for security enhancement

    NAVER Cloud Platform is providing security architecture and security guides to help customers build a secure and credible cloud environment with its security services.
    It's supporting customers with reference architectures so they can build the optimal cloud security environment where they can comply with major regulations required by private, public, and financial institutions.

    Learn More

    Provision of new vulnerability information and security-related materials

    NAVER Cloud Platform offers information about new vulnerabilities and applicable measures through security notices to promote its customers' secure service operation.
    In addition, it provides various materials related to security to help configure a secure environment by compensating for security vulnerabilities, from account management to resource and data protection, and auditing in the cloud environment.

    Learn More

    Penetration test

    NAVER Cloud Platform actively cooperates with your penetration tests to make execution of security activities easier for customers who need to perform penetration tests for various regulatory compliance purposes.The customers may conduct penetration tests under advance agreement and evaluate their service environment for security vulnerability inspection and response for the cloud environment and regulation compliance purposes.

    Learn More
  • NAVER Cloud Platform's security service map

    NAVER Cloud Platform provides security services in a total of eight areas to help customers effectively configure security system for cloud environments: threat detection and response, data protection, transmission section encryption, vulnerability management, access control, audit logging, compliance, and user authentication.

    serviceMap

    Threat detection and response

    The Security Monitoring product in the threat detection and response area is a managed service that provides a variety of features, such as anti-DDoS, IDS, IPS, WAF, and anti-virus, and safely protects the service 24/7 all year round in real time with professional personnel. Moreover, it detects and responds to security threats in mobile applications and files.


    Data protection

    The products in the data protection area provides features to manage encryption/decryption keys and securely protect certificates to be used in linked services.


    Transmission section encryption (private connectivity)

    The products in the transmission section encryption area are services that help you safely access the resources created on the NAVER Cloud Platform.


    Cloud security configuration management

    This product in the cloud security configuration management area is a service that enables you to identify security threats in the cloud by checking security settings, compliance, and asset visibility for resources in the cloud.


    Vulnerability management

    The products in the vulnerability area are the services that easily diagnose vulnerabilities in web, app, server operating systems, and WAS systems, and provide security guidelines.


    Access control

    The products in the access control area are the services that provide a similar role to firewalls in the on-premise environment.


    Audit logging

    The products in the audit logging area are the services that provide integrated management of cloud environment resources, resource modification, and deletion logs, as well as the recommended guidelines for safe use of cloud.


    Compliance

    The products in the compliance area of are the services that provide easy-to-understand guides for customers to conform with security certifications or regulations.


    User authentication

    The Sub Account product in the user authentication area is a role-based permission management service. You can register internal users as sub accounts and grant permissions to specific services.

  • Shared responsibility on cloud

    The global-level cloud security service provided by NAVER Cloud Platform begins with understanding NAVER Cloud Platform's shared responsibility on cloud.
    Shared responsibility on cloud means that the cloud service provider and the customer fulfill their responsibilities together,
    dividing their respective roles to safely protect the customer's resources configured on the cloud.
    To achieve this, NAVER Cloud Platform is committing its best efforts to fulfilling its responsibilities as a cloud service provider,
    and also provides various security services that can effectively protect the areas responsible by the customer.

    Tenant
    NAVER Cloud Platform
    Cloud LayerService Models
    IaaSPaaSSaaS
    Data
    Interfaces(APIs, GUIs)
    Applications
    Solution Stack(Programming languages)
    Operation Systems(OS)
    Virtual Machines
    Hypervisors
    Processing and Memory
    Data Storage(hard drivers, removable disks, backups, etc.)
    Network(Interfaces and devices, communications infrastructure)
    Physical facilities / data centers

    NAVER Cloud Platform constantly strives to provide world-class security services to safely protect customers' resources from security threats.