Since its inception, Peak 10 has implemented and maintained strong safeguards within our data centers and cloud infrastructure to help our customers cost-effectively meet their regulatory compliance requirements. As a result, our compliance and security program is one of the most robust in the industry.
It’s even stronger now that our information security program is ISO/IEC 27001:2013 certified.
Published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), ISO/IEC 27001:2013 is considered the de facto global standard for Information Security Management (ISM). It formally outlines requirements for an Information Security Management System (ISMS) to help protect and secure an organization’s data, and provides a framework to ensure the fulfilment of commercial, contractual and legal responsibilities.
Network-wide Information Security
ISO/IEC 27001:2013 details international best practices for data security. It includes, but is not limited to, requirements for documentation, divisions of responsibility, availability, access control, security, auditing, continuous improvement and corrective and preventive measures.
Among the specifics, it requires a company’s management team to:
- Systematically examine the company’s information security risks, including threats, vulnerabilities and impacts.
- Implement comprehensive controls to address unacceptable information security risks.
- Adopt an overarching management process to ensure the controls continually meet the company’s information security needs, now and going forward.
Stronger Than Ever Compliance Program
This latest certification further strengthens Peak 10’s industry-leading security and compliance program. Peak 10 annually completes an SSAE 16 attestation engagement, and can provide SOC 1, Type 2; SOC 2, Type 2; and SOC 3, Type 2 reports to our customers.
The company is also certified under the Payment Card Industry Data Security Standard (PCI DSS) as a Level 1 service provider, and has been independently assessed for compliance with the stringent requirements of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. In addition, Peak 10 is certified under the U.S. Department of Commerce Safe Harbor Program, known as the U.S.-EU Safe Harbor Framework (“Safe Harbor”).
The Proof is in Our Priorities
So why did Peak 10 add the ISO/IEC 27001:2013 certification?
The need to tighten controls on security management and the handling, storage and transmission of sensitive data is more important than ever. Certifying our adherence to the standard demonstrates that Peak 10 has an information security program in place to help protect and preserve the confidentiality, integrity and availability of information, and to help manage and control information security risks.
Peak 10’s security and compliance program also allows our customers to take advantage of many of the processes and controls that we have in place to help them meet the security and regulatory compliance requirements of their business.
Perhaps most important, it once again sends an important message to our customers and business partners. Information security is a priority at Peak 10, and we continue to do everything we can to minimize and mitigate risks.
You can learn more about Peak 10’s compliance program on our website. In addition, you can take advantage of the many free resources we provide, including these: