News/Trends

Druva Achieves CSA STAR Level 2 and DESC Certification

Bhuvana Srinivasan, Senior Manager, Governance, Risk, Compliance

Druva is built with zero-trust design principles, and since day one, we’ve created the most secure SaaS platform for data security. That includes adhering to the most stringent data privacy and security compliance standards, so you can have peace of mind that your data is safe with Druva and our Data Security Cloud.

Certified for Global Data Security

Today we’re proud to announce that Druva has achieved two new certifications, both built on top of the company’s existing ISO 27001:2022 principles: 

  1. The Cloud Security Alliance (CSA) STAR Level 2 certification: A widely renowned advanced assessment of a cloud service provider's security and privacy posture, which involves a rigorous third-party audit against the detailed CSA's Cloud Controls Matrix (CCM), with clear responsibilities defined and tested as part of the shared responsibility model at Druva. Druva is the only SaaS data security vendor to have achieved CSA STAR Level 2 certification.

  2. Dubai Electronic Security Center (DESC) certification: A formal certification awarded to organizations that meet stringent DESC cybersecurity standards. The certification is recognized by the Government of Dubai and paves the path to successful operations as a SaaS provider in the UAE region.

These new certifications follow completion of the Australian Information Security Registered Assessors Program (IRAP) assessment at the PROTECTED level, which ensures the Data Security Cloud meets stringent security requirements set by the Australian government for managing and protecting data.

Combined with the roster of certifications/attestations we’ve already achieved – including FedRAMP Moderate, HIPAA, SOC 2, and StateRAMP – it’s clear Druva has the most secure SaaS data security solution to keep your data safe, wherever it lives.

What this means for customers: 

Druva is committed to meeting stringent standards so you can secure and recover data from all threats, in any country you operate. Achieving CSA Star Level 2 certification validates our security and privacy standards for the cloud, and represents rigorous cloud security standards that no other vendor in the data security space currently meets.

We understand that data threats can originate from anywhere in the world, and we want our customers to be ready for every risk by adhering to all cybersecurity policies and best practices across the globe. We are especially proud of DESC, as it means that Druva complies with multiple internationally accepted standards and regulations to support global operations for every business.

Organizations must ensure that they, as well as their business partners and service providers, adhere to all the necessary compliance regulations and security assessments because failure to do so can result in major financial repercussions. 

As your business grows, and as you expand into new markets and geographies, having partners who already comply with the legislations of the region can help you accelerate go-to-market momentum and make expansion easier and faster. 

Committed to Data Security, Privacy, and Compliance

These certifications underscore Druva’s commitment to data security, privacy, and compliance, and customers can have full confidence in our fully managed, 100% SaaS platform engineered to secure and recover data from all threats. 

With the Data Security Cloud, there is no hardware or software to manage. Maintenance, patches, and updates are all automatic saving you both time and money. At Druva, we ensure that your data has the best possible security, and your data protection experience is simplified, comprehensive, and autonomous.  

To learn more about our certifications, please visit our Trust Center.