SecNumCloud
“Trusted Cloud”?
The awarding of this “Trusted Cloud” label is based on the qualification of the cloud offer to the SecNumCloud reference framework drawn up by the French National Agency for the Security of Information Systems (ANSSI). This standard details the technical best practices with which cloud providers must comply, as well as legal criteria guaranteeing in particular that providers are not subject to non-European laws with extraterritorial scope, such as the famous Cloud Act, FISA and Executive Order 12333 of the United States.
The label thus aims to ensure that data entrusted to cloud computing providers such as Clever Cloud are kept under these optimal cybersecurity conditions. And that foreign powers cannot access them without being subject to the French and European legal regime.
For Clever Cloud, it was essential to take part in this process and prepare ourselves as early as possible for this qualification. That’s why we successfully submitted an application to benefit from the support of the BPI (the French state innovation agency), and assistance in collaboration with the ANSSI (the French National Agency for Security and Information Systems), with the aim of obtaining the “Trusted Cloud” label.
Is Clever Cloud SecNumCloud approved by the ANSSI?
Clever Cloud is a French player in the cloud market, which guarantees its immunity to US or Asian laws with extraterritorial reach. We operate servers in France, exclusively administered by staff based in Europe. Our security standards are high and ensure a very high level of protection for the data you entrust to us.
Clever Cloud already allows its customers to deploy their applications and databases on SecNumCloud qualified French and European operators’ infrastructures. You can choose a SecNumCloud deployment zone when ordering, or contact us for any specific request.
To cover the entire scope of the Cloud de Confiance label, Clever Cloud is also committed to SecNumCloud qualification of its PaaS offer and its own server infrastructure, in compliance with ANSSI requirements. You can contact us to find out more and benefit from support to anticipate the availability of this 100% SecNumCloud offer.
As part of the implementation of the France 2030 plan, ministers Bruno Le Maire and Jean-Noël Barrot have selected Clever Cloud‘s application to benefit from the SecNumCloud qualification support scheme operated by Bpifrance, in close collaboration with the Agence nationale de sécurité des systèmes d’information (ANSSI) and the Direction Générale des Entreprises (DGE). Read more about it in our blog.
See the official announcement in April 2023 in French (in French).
Do I need a Trusted Cloud offering?
If you are a private player, you are under no obligation to adopt a SecNumCloud level offering. Clever Cloud already provides you with an advanced level of cybersecurity with strong operational requirements, and full immunity from US extraterritorial laws, included in the base rate. However, you may want to consider SecNumCloud qualified hosting, especially if you are a Vital Information Operator (VIO).
If you are a public body, the “Cloud at the centre” doctrine attached to Circular No. 6282-SG of 5 July 2021 on the use of cloud computing by the State requires that in the event of recourse to a commercial cloud offering the chosen cloud offer must comply with the SecNumCloud qualification. Exclusively “if the computer system or application handles data of particular sensitivity. Whether it concerns in particular the personal data of French citizens, economic data relating to French companies. Or business applications relating to State employees”.