RMS customers enjoy peace of mind because their data is hosted by world leading data centres with the highest levels of certification.

Some facts about the RMS data hosting solution:

• Certified SSAE16

• Located outside fault and liquefaction zones

• 45 onsite generators with 2 million litres of fuel in case of power outage

• Regular 3rd party penetration testing

• Dedicated servers meeting the extra requirements of council and other government bodies • Written data breach procedure

• Used by the US Marines (Fedramp certified)

Who hosts your Data? Ask your PMS vendor if they can match these requirements… In writing!


Data security has consistently been a major issue in information technology. In the cloud computing environment, it becomes particularly important because the data is located in different places. 

Cloud computing security or, more simply, cloud security refers to a broad set of policies, technologies, and controls deployed to protect data, applications, and the associated infrastructure of cloud computing. Organizations use the cloud in a variety of different service models (with acronyms such as SaaS, PaaS, and IaaS). 

Security concerns associated with cloud computing fall into two broad categories: security issues faced by cloud providers (organisations providing software-, platform-, or infrastructure-as-a-service via the cloud) and security issues faced by their customers (companies or organisations who host applications or store data on the cloud). The responsibility is shared, however. The provider must ensure that their infrastructure is secure and that their clients’ data and applications are protected, while the user must take measures to fortify their application and use strong passwords and authentication measures.


RMS data centres are SSAE16 (SOC1) Certified, meeting industry-recognized requirements for security and reliability. The exhaustive, third-party certification assessment included extensive testing of the control objectives and activities at all RMS data centre facilities, including oversight by executive management, operations and customer service, development and information technology organization, human resources policies and procedures, and risk assessment monitoring.

Additionally, the centres are self-certified with the U.S. Department of Commerce’s U.S.-European Union (EU) Safe Harbor framework, verifying that RMS meets the EU’s adequacy standard for data and privacy protection. Self-certification and participation in the Safe Harbor framework is entirely voluntary.

The facilities are located in private N+1 data centres outside fault and liquefaction zones. The facility is designed and constructed to sustain a seismic event while maintaining business functions and boasts low latency through superior connections to robust fibre optic loops, 55mW of existing electrical capacity, 45 on-site generators with .5-million gallons of on-site fuel storage, and a carrier vault system supported by more than 50 miles of embedded, secure conduits.



RMS 9+ undergoes regular penetration testing by an independent 3rd party security assessor to ensure the highest level of security for your data. Through the application of rigorous methodologies, the use of automated scanning tools, customised proprietary scripts and manual techniques, RMS 9+ is tested for exploitable vulnerabilities that could allow unauthorised access to key information assets.

RMS can supply redacted reports summarising the methods and methodologies used by request and completion of the RMS Non-Disclosure Agreement.

Please contact our sales team for more information, sales@rms.com.au



Payment Card Industry Data Security Standards (PCI DSS) refers to the global information standard set by the payment card industry to assist with the prevention of payment card fraud. RMS- The Hospitality Cloud is fully PCI DSS compliant, you can view our PCI DSS Certificate of Compliance here. 

Learn more about PCI Compliance here



Data breach is the act of gaining unauthorised access to the data belonging to RMS or any of its customers/vendors/partners, whose data is hosted with RMS in one of our data centres. Such data breach may result in data theft or data loss of personal or other sensitive information. The causes of data breach may include human errors, hacking attacks or inappropriate access controls. The responsibility and obligations for RMS vary depending on the causes of such breach. You can view the RMS Data Breach Response Plan here.