Global Certifications
| Certification | Description | Status |
|---|---|---|
CSA Star | A multi-tiered provider assurance program that documents the specific security and privacy controls implemented by cloud service providers.Read more | |
ISO 27001 | An international standard for information security management systems (ISMS) to manage sensitive company and client information. Read more
| Certified
|
ISO 27017 | A specialized code of practice that provides enhanced information security controls tailored for the provision and use of cloud services. Read more | |
ISO 27018 | An international standard for protecting personally identifiable information (PII) in public cloud environments. Read more | |
ISO 27701 | An extension to ISO 27001 for Privacy Information Management System (PIMS) and protection of personal data. Read more | In Process |
PCI-DSS | A global standard defining technical and operational requirements to protect payment card data and reduce fraud. Read more | Available upon request |
SOC 2 | An AICPA audit framework assessing security, availability, and confidentiality controls over a defined period. Read more |
U.S. government certifications
| Certifications | Description | Status |
|---|---|---|
CJIS | A security framework established by the FBI to ensure the protection and integrity of sensitive criminal justice information within the United States. Read more | In process |
FedRAMP | A U.S. government program providing standardized assessment, authorization, and continuous monitoring for cloud products. Read more | Certified |
GovRAMP | A standardized security authorization program specifically designed to meet the unique compliance needs of select U.S. state governments. Read more | Authorized |
| HIPAA | A Department of Health and Human Services (HHS) regulation establishing administrative, physical, and technical safeguards for health information. Read more | Aligned to support customer's compliance |
| IL5 (DoD) | A U.S. Department of Defense cloud security level required to host high-sensitivity Controlled Unclassified Information (CUI) and National Security Systems. Read more | In process |
| TX-RAMP | A mandatory certification program for cloud services used by Texas state agencies and public institutions of higher education. Read more | Certified |
Regional certifications
| Certifications | Description | Status |
|---|---|---|
C5 (Germany) | The Cloud Computing Compliance Criteria Catalogue (C5) defines the minimum requirements for secure cloud computing. Read more | Certified |
Cyber Essentials Plus (UK) | A U.K. government-backed certification assessing cybersecurity defenses against common internet-based threats. Read more | In process |
ENS High (Spain) | The National Security Scheme (Esquema Nacional de Seguridad), a framework establishing security requirements for digital services in public administration. Read more | Certified |
| ISMAP (Japan) | The Information System Security Management and Assessment Program evaluates cloud services against security requirements for government procurement. Read more | Certified |
| IRAP (Australia) | An Australian Signals Directorate program providing independent security assessments to ensure compliance with the Information Security Manual (ISM). Read more | Certified |
Accelerate compliance with key framework mappings
Framework Mapping: Secure Access for Government + NIST CSF 2.0 | Framework Mapping: Secure Access + CISA Zero Trust | Cisco TIC 3.0 Architecture Guide Aligns capabilities to TIC 3.0 architecture and federal security requirements. |
|---|