Nasuni Corporation, a leading provider of file data services, announced the successful completion of its SOC 2 Type 1, CSA STAR Level 2, and HIPAA audits for 2022, providing enterprise customers with strong third-party validation of its security and compliance systems as it enables their digital transformation and use of the cloud. The company also had its ISO/IEC 27001:2013 certified provider status renewed for the current year. Unstructured file data contains the most sensitive enterprise intellectual property, and legacy storage and data protection technologies fail to provide adequate protection for this data. Cloud file services leverage the durability of the public cloud to deliver unmatched protection.
Established by the American Institute of Certified Public Accountants (AICPA), the SOC 2 Type 1 examination is designed for organizations of any size, regardless of industry and scope, to ensure the personal assets of their potential and existing customers are protected. SOC 2 Type 1 reports are recognized globally and affirm that a companyโs infrastructure, software, people, data, policies, procedures, and operations have been formally reviewed. Nasuni plans to undergo another audit later this year to achieve SOC 2 Type 2, which assesses how effective these controls are over time by observing operations for a specified period.
CIO INFLUENCE:ย Ascend.io Launches Solution in Partnership with Snowflake, Enabling Cost Savings for Data Teams
โA SOC 2 audit is a statement about an organizationโs commitment to protecting their information,โ saidย Stephanie Oyler-Rankin, SOC Practice Lead at A-LIGN. โAs a trusted third-party assessment firm, A-LIGN independently evaluates client data processes and procedures, governance on internal controls, and security posture. Nasuniโs SOC 2 report validates its commitment to data security and protection, as well as compliance with critical standards to mitigate cybersecurity threats.โ
The HIPAA (Health Insurance Portability and Accountability Act of 1996) audit illustrates that Nasuni meets the standards of the Privacy, Security, and Breach Notification Rules of HIPAA. HIPAA is a U.S. Federal law put in place to protect healthcare information as required for healthcare organizations. While Nasuni is not in the healthcare industry, this is important for customers who are, especially for those for whom Nasuni may be considered a HIPAA Business Associate.
CSA STARย (Cloud Security Alliance โ Security, Trust, Assurance, and Risk) Level 2 demonstrates Nasuniโs commitment to achieve cloud security competency, and a commitment to the industry at large. Itโs based on attaining ISO 27001 certification and meeting additional criteria specified in the Cloud Controls Matrix (CCM) Version 4. Nasuni proved that it conforms to the requirements of ISO 27001, has addressed issues critical to cloud security as outlined in the CCM, and has been assessed against the STAR Capability Maturity Model for the management of activities in CCM control areas.
CIO INFLUENCE:ย Anglicare Leverages Ribbon and Switch Connect for Voice Consolidation and Path for Microsoft Teams Deployment
The audits were conducted late last year by leading compliance assessor A-LIGN, a technology-enabled security and compliance partner trusted by more than 2,500 global organizations to help mitigate cybersecurity risks.
โEnsuring that the most effective and comprehensive security measures are in place for both Nasuni and its customers is our top priority,โ saidย John Bilotti, Chief Information Officer/Chief Information Security Officer at Nasuni. โThese successful audits demonstrate Nasuniโs commitment to providing its customers with the highest security standards, at all stages, as they leverage the cloud to gain advanced access, collaborate, scale, and improve economics over legacy solutions.โ
Compliance with internationally recognized standards like SOC 2 confirms that Nasuniโs security program follows industry best practices in the most comprehensive manner possible. This is a clear illustration that the companyโs commitment to data security has been formed, implemented, and controlled in all areas as the standard requires.
CIO INFLUENCE:ย Datometry Releases Driver Integration for BigQuery, Further Future-Proofing Its Customersโ Investments
[To share your insights with us, please write toย sghosh@martechseries.com]
