SEATTLE--(BUSINESS WIRE)--Today Cloudentity, a leading provider of B2B identity and authorization solutions, announced it has achieved SOC (System and Organization Controls) 2 Type 2 and ISO (International Organization of Standardization) 27001 certifications, confirming that its cloud-scale authorization solutions are compliant with the two most globally recognized and trusted security standards. The security and compliance audit was performed by BARR Advisory, P.A.
“Achieving these key industry certifications bolsters Cloudentity’s position as a trusted partner for the publicly-traded organizations and financial institutions that we serve. These organizations are beholden to strict internal security controls as well as industry-imposed regulations,” said Brook Lovatt, Chief Product Officer of Cloudentity. “In addition, maintaining both SOC 2 Type 2 and ISO 27001 compliance positions Cloudentity to serve a broad international community of organizations that will only adopt solutions from certified vendors. The required compliance types and levels vary from region to region, but nearly all require either SOC 2 or ISO, and some require both.”
As cyber threats evolve, businesses often rely on maintaining compliance standards within their own organization’s infrastructure to ensure the required levels of assurance. Most of these businesses require the same levels of compliance from the software vendors and service providers they work with. By achieving compliance certification for both SOC 2 Type 2 and ISO 27001, Cloudentity has solidified its position as the top SaaS authorization platform that can be implemented by companies with even the most stringent security policies and postures.
SOC 2 Type 2 reports are designed to meet the needs of existing or potential customers who need assurance about the effectiveness of controls used by the service organization to process customers’ information. For compliance, companies must meet the following principles and related criteria from the American Institute of CPAs (AICPA) for practitioners in the performance of trust services engagements:
- Security: The system is protected against unauthorized access (both physical and logical).
- Availability: The system is available for operation and use as committed or agreed.
- Processing Integrity: System processing is complete, valid, accurate, timely, and authorized to meet the entity’s objectives.
- Confidentiality: Information designated as confidential is protected as committed or agreed.
- Privacy: Personal information is collected, used, retained, disclosed, and disposed of to meet the entity’s objectives.
- HIPAA Security Rule Requirements: The system is compliant with the applicable HIPAA Security Rule requirements set forth in the U.S. Department of Health and Human Services (HHS) Health Information Portability and Accountability Act.
For more information on the Cloudentity SaaS Platform and its capabilities, please visit: https://cloudentity.com/platform/
Get started with Cloudentity for free with unlimited users and up to 1 million authorization grants per month. To schedule a demo and/or review its ISO and SOC certifications, contact Cloudentity at info@cloudentity.com.
About Cloudentity
Cloudentity provides the Identity and Authorization security foundation for B2B ecosystems like Open Banking, Embedded Finance and Open Healthcare. Delivered as a hybrid-cloud platform, Cloudentity reduces development timelines by providing developers with externalized declarative identity and fine-grained authorization services. Businesses can quickly meet regulatory requirements like CCPA and Open Banking for privacy, consent, and Financial Grade API security. For more information, go to www.cloudentity.com.
About BARR Advisory
BARR Advisory is a cloud-based security and compliance solutions provider, specializing in cybersecurity consulting and compliance for Software as a Service (SaaS) companies. A trusted advisor to some of the fastest-growing cloud-based organizations around the globe, BARR simplifies compliance across multiple regulatory and customer requirements in highly regulated industries including technology, financial services, healthcare, and government.