All posts tagged with compliance


Heroku Card Payments Are Back in India

news , Program Manager, Business Operations

We re-enabled payments to Heroku in India! At the start of August, we resumed accepting credit and debit cards issued by Indian financial institutions.

From the engagement on our public roadmap, we know that there are many developers in India eager to get back on the platform. We want to address the work done to re-enable this functionality, and why Heroku stopped accepting payments from India in the first place.

We started by enabling 3D Secure (3DS) on our platform. 3D Secure is a protocol that prompts a user to use a dynamic authentication methods such as biometrics or token-based authentication to confirm their purchases.

Heroku Shield for Redis Is Now Generally Available

news , Product Management Director, Heroku Data

We are thrilled to announce that Heroku Shield for Redis is now generally available and certified for handling PHI, PII, and HIPAA-compliant data. Heroku Shield for Redis is the final missing data service for Heroku Shield, which is an integrated set of Heroku services with additional security features needed for building high compliance applications. All Heroku Managed Data Services — Heroku Connect, Heroku Data for Redis, Heroku Postgres, and Apache Kafka on Heroku — are now fully certified for handling PHI, PII, and HIPAA-compliant data as part of Heroku Shield. Security and compliance come standard with Heroku Shield, so developers and enterprises can focus solely on building great...

Apache Kafka on Heroku Shield is Now Generally Available

news , Product Management Director, Heroku Data

We are thrilled to announce that Apache Kafka on Heroku Shield is now generally available and certified for handling PHI, PII, and HIPAA-compliant data. Our newest managed data service unifies Heroku Shield, a set of Heroku platform services that offer additional security features needed for building high compliance applications, with Apache Kafka on Heroku, our fully-managed service based on the leading open-source solution for handling event streams.

Organizations of all sizes face relentless pressure to bring better apps and experiences to market, and those with a strong focus on data security like Health and Life Sciences (HLS) organizations need to balance safety and agility. Their...

Today we are proud to announce that Heroku has achieved several important compliance milestones that provide third party validation of our security best practices:

  • ISO 27001 Certification: Widely recognized and internationally accepted information security standard that specifies security management best practices and comprehensive security controls following ISO 27002 best practices guidance.
  • ISO 27017 Certification: A standard that provides additional guidance and implementation advice on information security aspects specific to cloud computing.
  • ISO 27018 Certification: Establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect...

Today we are happy to announce Heroku Shield, a new addition to our Heroku Enterprise line of products. Heroku Shield introduces new capabilities to Dynos, Postgres databases and Private Spaces that make Heroku suitable for high compliance environments such as healthcare apps regulated by the Health Insurance Portability and Accountability Act (HIPAA). With Heroku Shield, the power and productivity of Heroku is now easily available to a whole new class of strictly regulated apps.

Browse the blog archives or subscribe to the full-text feed.