Vendor Security & Risk Responses

At Chinafy, we aim to be transparent with how we operate, secure and manage our cloud services. We understand many of you have a Vendor Risk Management process for cloud services and believe we deliver a great cloud service.

We have implemented a structural controls framework to manage the operations, security and reliability of our cloud services. Many of these controls are externally validated, and some of the controls are internal only.

If your Vendor Risk Management process is based on the Cloud Security Alliance (CSA) - Consensus Assessment Initiative Questionnaire (CAIQ), you can download our pre-completed questionnaire (below). If your Vendor Risk Management process is based on relying on external certification, see the next section about our Compliance certifications. 

If the options below do not answer the questions you have, feel free to contact our Chinafy Support team. 
A comment on the value of compliance
Chinafy has compiled the below questionnaire responses to answer the common questions and formats that we receive from customers. It is worth saying, however, that the questionaires are self-attestation style responses. No independent third party has tested or validated these responses, and so they should not be considered contractual and may be subject to change. 

We are a young company, but understand the importance of external certification. In the future, all of our independently validated, external attestations and certificates can, and will be found on our Chinafy Compliance page. We firmly believe these certifications can and should serve as your primary assurance that we are operating, securing and managing our cloud-services with the interests of our customers in mind. 

If you have any questions about our intended path to Compliance certificates, please ask.
Cloud Security Alliance (CSA) - Consensus Assessment Initiative Questionnaire (CAIQ)
Formed in 2009, the Cloud Security Alliance was a research organization to determine the best practices for secure cloud computing. Over time, the CSA has issued a number of papers and practices on how to secure your cloud, your cloud service, and how evaluate a cloud service provider. 

The CSA Cloud Controls Matrix (CCM) was developed, as well as the CSA Consensus Assessment Initiative Questionnaire (CAIQ), along with the STAR registry to house the completed questionnaires from cloud service providers. 

The CSA is among the best known cloud service frameworks and standards. Chinafy, is not yet a member. We have filled out the CAIQ v3.0.1 nonetheless in anticipation of seeking membership in due course. 

Please reach out to us if such document will with your vendor approval process. 

Fast track your vendor security assessment

Transparency is key to our security philosophy. That's why we partner with the Cloud Security Alliance (CSA) to make our Consensus Assessment initiative Questionnaire (CAIQ) publicly available.

Report a Vulnerability

Chinafy encourages customers and the security research community to report vulnerabilities in our product to us.
×

ノーティは、このフォームにご記入いただいた情報を、お客様との連絡、最新情報の提供、マーケティングのために使用します。当社からの連絡を希望される場合は、どのような方法でもお知らせください:

当社から受信したメールのフッターにある配信停止リンクをクリックするか、community@notey.com までご連絡いただければ、いつでも変更することができます。当社はお客様の情報を尊重し取り扱います。当社の個人情報の取り扱いに関する詳細については、当社のウェブサイトをご覧ください。下記をクリックすることにより、あなたは当社がこれらの条件に従ってあなたの情報を処理することに同意するものとします。

当社は、マーケティングプラットフォームとしてMailchimpを使用しています。購読を申し込むために下記をクリックすることで、あなたの情報が処理のためにMailchimpに転送されることを承認したことになります。Mailchimpの個人情報の取り扱いについてはこちらをご覧ください。