No Worries About the Safety of Your Data
Companies that manage confidential customer data – particularly those in the healthcare and payment processing industries – shouldn’t have to worry about the safety of their data. Tiverity’s cloud infrastructure was built to provide the highest levels of security and to support compliance, allowing even highly regulated companies to enjoy the benefits of cloud computing.
ISO 27001 Certified
Tiverity Cloud is certified under the International Organization for Standardization (ISO) 27001 standard. ISO 27001 is a widely adopted global security standard that outlines the requirements for information security management systems. It provides a systematic approach to managing company and customer information that’s based on periodic risk assessments. In order to achieve the certification, a company must show it has a systematic and ongoing approach to managing information security risks that affect the confidentiality, integrity, and availability of company and customer information.
Cloud Security Alliance STAR Certification
Tiverity Cloud is certified under the Cloud Security Alliance STAR certification program, and was the first US based Cloud Provider to achieve STAR certification. The CSA STAR Certification is a rigorous third party independent assessment of the security of a cloud service provider. The technology-neutral certification leverages the requirements of the ISO/IEC 27001 management system standard together with the CSA Cloud Controls Matrix, a specified set of criteria that measures the capability levels of the cloud service.
Organizations that outsource services to cloud service providers have a number of concerns about the security of their data and information. By achieving the STAR Certification, cloud providers of every size will be able to give prospective customers a greater understanding of their levels of security controls.
The STAR Certification is based upon achieving ISO/IEC 27001 and the specified set of criteria outlined in the Cloud Controls Matrix.
SOC 2 Attestation
Tiverity Cloud has been audited against the Service Organization Control (SOC) reporting framework for SOC 2 Type 2. The report is available to customers to meet a wide range of U.S. and international auditing requirements.
Payment Card Industry (PCI) Data Security Standard (DSS) Level 1
The SOC 2 attestation report relates to the evaluation of controls to the criteria set forth by the American Institute of Certified Public Accountants (AICPA) Trust Services Principles. These principles define leading practice controls relevant to security, availability, processing integrity, confidentiality, and privacy applicable to service organizations such as Tiverity. SOC 2 is an evaluation of the design and operating effectiveness of controls that meet the criteria for the security principle set forth in the AICPA’s Trust Services Principles criteria.
Tiverity understands the challenges faced by organizations that accept, process or store credit card data, and has built a PCI DSS compliant cloud to help achieve compliance and reduce costs. With Tiverity, you can get to market faster, focus on your business, and avoid costly fines and damaged reputation that result from breaches.
Tiverity’s PCI-ready cloud solutions can include:
- Web application firewalls
- Malware protection
- Intrusion detection services
- Business continuity
- Audit log retention and review
- Physical and logical security
- Vulnerability scanning from a PCI ASV
HIPAA and HITECH bring with them strong requirements for privacy and security, as well as strong penalties for non-compliance. Tiverity delivers a secure platform on which to build solutions for providers and business associates. We also offer enhanced services to help protect the information stored in your environment.
Tiverity provides HIPAA-ready secure cloud environments for solutions such as:
- Cloud servers for SaaS vendors deploying healthcare applications
- Hosting for EMR/EHR management systems
- Intranet and extranet hosting for providers or business associates
- Cloud servers for website hosting