All posts tagged with compliance


Data Residency Concerns for Global Applications

engineering , Product Manager

Compliance Is Possible with the Right Provider

Because today’s companies operate in the cloud, they can reach a global audience with ease. At any given moment, you could have customers from Indiana, Indonesia, and Ireland using your services or purchasing your products. With such a widespread customer base, your business data will inevitably cross borders. What does this mean for data privacy, protection, and compliance?

If your company deals with customers on a global — or at the very least, multi-national — scale, then understanding the concept of data residency is essential. Data residency deals with the laws and regulations that dictate where data must be stored and managed....

Heroku Card Payments Are Back in India

news , Technical Program Manager

We re-enabled payments to Heroku in India! At the start of August, we resumed accepting credit and debit cards issued by Indian financial institutions.

From the engagement on our public roadmap, we know that there are many developers in India eager to get back on the platform. We want to address the work done to re-enable this functionality, and why Heroku stopped accepting payments from India in the first place.

We started by enabling 3D Secure (3DS) on our platform. 3D Secure is a protocol that prompts a user to use a dynamic authentication methods such as biometrics or token-based authentication to confirm their purchases.

Heroku Shield Key-Value Store Is Now Generally Available

news , Product Management Director, Heroku Data

We are thrilled to announce that Heroku Shield Key-Value Store is now generally available and certified for handling PHI, PII, and HIPAA-compliant data. Heroku Shield Key-Value Store is the final missing data service for Heroku Shield, which is an integrated set of Heroku services with additional security features needed for building high compliance applications. All Heroku Managed Data Services — Heroku Connect, Heroku Key-Value Store, Heroku Postgres, and Apache Kafka on Heroku — are now fully certified for handling PHI, PII, and HIPAA-compliant data as part of Heroku Shield. Security and compliance come standard with Heroku Shield, so developers and enterprises can focus solely on...

Apache Kafka on Heroku Shield is Now Generally Available

news , Product Management Director, Heroku Data

We are thrilled to announce that Apache Kafka on Heroku Shield is now generally available and certified for handling PHI, PII, and HIPAA-compliant data. Our newest managed data service unifies Heroku Shield, a set of Heroku platform services that offer additional security features needed for building high compliance applications, with Apache Kafka on Heroku, our fully-managed service based on the leading open-source solution for handling event streams.

Organizations of all sizes face relentless pressure to bring better apps and experiences to market, and those with a strong focus on data security like Health and Life Sciences (HLS) organizations need to balance safety and agility. Their...

Today we are proud to announce that Heroku has achieved several important compliance milestones that provide third party validation of our security best practices:

  • ISO 27001 Certification: Widely recognized and internationally accepted information security standard that specifies security management best practices and comprehensive security controls following ISO 27002 best practices guidance.
  • ISO 27017 Certification: A standard that provides additional guidance and implementation advice on information security aspects specific to cloud computing.
  • ISO 27018 Certification: Establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect...

Browse the blog archives or subscribe to the full-text feed.