Security And trust
SOC 2 is a security audit and certification that assesses and attests the security controls of a service organization’s information technology system based on the Trust Services Criteria from the American Institute of Certified Public Accountants.
The SOC 2 audit evaluates the design and effectiveness of Instaclustr’s security controls and processes, including access controls, data backup and recovery, incident management and network security.
Achieving SOC 2 certification demonstrates Instaclustr’s commitment to security, availability and confidentiality (applicable SOC 2 Trust Services Criteria) providing assurance that we have built and reliably operate the controls needed to protect your sensitive data.
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards required of all companies that process, store or transmit credit card information.
As a PCI-certified service provider, Instaclustr undergoes a PCI audit every year to confirm it is maintaining strict security protocols required by the Payment Card Industry to handle credit card information. These security protocols can be applied by all customers seeking the highest levels of security.
ISO 27001 is an international standard for information security management establishing the creation of an Information Security Management System (ISMS). It provides a systematic approach to managing sensitive information, including financial, personal and commercial information. The certification covers all types of information, including electronic and physical.
With our certified ISMS in place, NetApp and Instaclustr have developed a rigorous security and risk management program covering stored customer information regardless of location, including digital, paper and cloud-based data.
ISO 27018 is a code of practice for protecting customers’ personally identifiable information (PII) in the cloud. It provides additional security controls and guidelines specifically for cloud service providers handling customers’ PII, including data protection, privacy and incident management.
Instaclustr’s ISO 27018 certification demonstrates a commitment to information security and privacy, providing assurance to customers that rigorous controls are in place to protect their sensitive information.
The privacy and security of your personal information is our top priority. We maintain the highest security standards and are GDPR compliant. We have many customers with DPAs in place to ensure GDPR compliance for their Instaclustr services.
For more details on how we protect your data and how we can help you become GDPR compliant, please see Instaclustr’s Privacy Policy or email [email protected] to request an Instaclustr DPA.
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a United States federal law requiring the creation of national standards for entities that handle the private health information (PHI) of individuals.
The Instaclustr Managed Platforms allow users to handle PHI data in compliance with HIPAA rules. Create a ticket and an Instaclustr representative will assist you with becoming HIPAA compliant.
To learn more about security and privacy or to request a copy of any Instaclustr certification (NDA required), please visit the NetApp Trust Center Library.