If you still have your data and applications on premise, are you sure that you have all needed certifications, and that they are all kept up to date? With the CalitechTM cloud, you don’t have to worry about this, because we will have all necessary certifications at your disposal. Following is a list of certifications you will enjoy if you trust your data to the CalitechTM cloud:
SOC 1 and SOC 2: Service Organization Controls certifications give you a baseline for the physical and logical access, data security and business continuity of your data. SOC-1 reports are audited reports on controls. Type I reports the existence of control policies and procedures and Type II verifies that these procedures are in practice by testing their operation effectiveness for a period of time. SOC-2 reports on various organizational controls related to security, availability, confidentiality or privacy. Make sure you know which type of certification your cloud computing provider has.
HIPAA: Health Insurance Portability and Accountability refers to a US federal regulation that ensures privacy of healthcare data by providing privacy standards to protect patients’ medical records and other health information. A data center with HIPAA certification is vital if you will have healthcare records in the cloud.
PCI: Essential for any company that processes credit card information. The Payment Card Industry (PCI) Data Security Standard is designed to ensure that all companies process, store and transmit credit card information securely.
Safe Harbor: This certification is required for many multinational companies. The U.S.-EU Safe Harbor Framework compliance process addresses European Union laws on the protection of personal data.
LEED Certification: Our data centers have a Leadership in Energy and Environmental Design certification. This means they comply with a set of rating systems for the design, construction, operation and maintenance of green buildings.
Energy Star: This is an international certification mark for energy efficient products from the United States. Devices using this product, such as our data centers, generally use significantly less energy than required by federal standards.
SSAE16: The Statement on Standards for Attestation Engagements 16 is an auditing standard. It replaced SAS 70 as the authoritative guidance for reporting on service organizations.
FISMA: The act recognized the importance of information security to the economic and national security interests of the United States. The act requires each federal agency to develop, document, and implement an agency-wide program to provide information security for the information and information systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor, or other source.