Compliance for Trust and Verification

See How RMS(one) Solutions Enable Compliance

Industry-Standard Certifications

RMS security practices comply with the most widely accepted industry standards and regulations, including ISO 27001 and SOC 2 for security, availability, and confidentiality.

Geo-Specific and Regional Compliance

RMS(one) solutions adhere to applicable data privacy compliance requirements in the geographical regions we operate in.

Similar to our existing compliance with the European Data Privacy Directive, we are also GDPR ready.

Independent Audits and Continual Improvement

We use independent third-party auditors to conduct annual reviews of our systems and controls.

In addition, we are committed to continually improving our security programs, systems, and controls, and we welcome feedback from internal teams, customers, and auditors.

Secured and Delivered via Microsoft Azure

Microsoft Azure cloud services are the foundation of the RMS(one) platform, which runs in geographically distributed Microsoft facilities designed for 24x7x365 availability.

Each facility employs measures to protect your operations from power failure, physical intrusion, and network outages. All facilities comply with ISO 27001 and SOC 2 standards for security, availability, processing integrity, and confidentiality.

Redundancy at the Platform Layer

The RMS(one) platform features built-in redundancy at several layers, and all functions are spread across multiple servers. If one server or server rack goes down, the core platform will continue to run. If a core system function fails, workloads are rerouted to properly running functions.

Compute capabilities reside within Microsoft Availability Sets, which allow for the RMS(one) platform to run across virtual machines in different fault domains.

Designed and Architected for Business Continuity & Disaster Recovery

Our network is connected to one of the world’s largest fiber backbones and supports multiple terabit connectivity with more than 70 points of presence. This network provides multiple paths to providers, allowing instantaneous reroutes around internet failures.

During a disaster recovery event, backed-up data is sent out-of-region for safekeeping or restored to a duplicate environment operated by RMS within geopolitical boundaries and with user access enabled. This environment is patched and kept up-to-date on regular release cycles.