Compliance Guides

Mapping namespace security to common compliance frameworks

GDPR

The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area. It also applies to organizations outside the EU that offer goods or services to EU residents or monitor their behavior.

How Namespace Security Helps

  • Article 5 (Principles): Maintaining a complete namespace inventory helps support accountability and transparency principles when processing personal data.
  • Article 6 (Lawful Basis): A clear inventory helps you document and demonstrate the lawful basis for each data processing activity.
  • Article 25 (Privacy by Design/Default): Namespace security is a key component of data protection by design and by default, using access controls and data minimization.
  • Article 30 (Records of Processing): Your namespace inventory can be tied directly to your required records of processing activities.
  • Article 32 (Security): Securing your namespace helps demonstrate appropriate technical measures for confidentiality, integrity, availability, and resilience of processing systems.

SOC 2

SOC 2 is a voluntary compliance standard for service organizations, developed by the American Institute of CPAs (AICPA). It evaluates controls against the Trust Services Criteria: Security (required) plus Availability, Processing Integrity, Confidentiality, and Privacy (optional, based on your services).

How Namespace Security Helps

  • Security (Required): Namespace isolation, least-privilege access controls, and monitoring help demonstrate protection against unauthorized access, use, or modification.
  • Availability: Capacity management, redundancy, and disaster recovery per namespace help support commitments on system uptime and continuity.
  • Processing Integrity: Namespace boundaries and controls help ensure systems process data completely, accurately, and in a timely manner.
  • Confidentiality: Data classification, encryption, and restricted access within namespaces help prevent unauthorized disclosure of sensitive information.
  • Privacy: Namespace security controls support privacy commitments related to collection, use, retention, and disposal of personal information.