Certifications
Partner with a company with the right compliance programs and certifications.
eSecureData is proud to have the necessary controls and measures that comply with local and corporate requirements. Please contact us for additional details and to further discuss your deployment needs.
Our SOC 2 Type II certification helps your business meet its SSAE 16 certification requirements in accordance with AT 101 (formerly the SAS70 and CSAE 3416 Type II).
Learn More
We’re always striving to improve and we’ve implemented ISO 27002 established guidelines and principles for security management into our organization.
Learn More
eSecureData is fully compliant with PIPEDA (The Personal Information Protection and Electronic Documents Act) and helps companies meet the mandatory provisions of the protection of personal information.
Learn More
eSecureData utilizes the Control Objectives for Information and Related Technology (COBIT5) framework for their information technology management.
Learn MoreWhat does this mean for our customers?
By outsourcing web hosting services like dedicated servers, virtual private servers (VPS), cloud servers, and shared hosting to a company that meets local and corporate requirements, including SSAE 16, your company can focus on what matters most—its customers.
Our SSAE 16 compliant hosting environment can take care of the following for you:
- Facilities and asset management
- Logical access and access control
- Network and information security
- Computer operations
- Backup and recovery
- Change and incident management
- Organizational and administrative controls
- Security policies, reporting, and monitoring
- Physical and logical security
Why partner with eSecureData?
SSAE 16 compliant web hosting
Enterprise-grade web hosting hardware
Secure hosting environment
Hardware and software firewall
IP-Restricted FTP
Managed backups with guaranteed retention
Multi-level intrusion prevention (IPS/IDS)
Anti-spam, anti-malware, anti-virus
Log management
AT 101 SOC 2 Certification
We’ve built a solid foundation around SSAE 16 requirements including physical security, data storage, and control procedures. As a result, our customers can feel confident that they are in a secure, reliable, and effective environment that has the proper controls for internet operations and highly available IT services.
The Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA) issues the SSAE 16 Type II (formerly SAS 70) to service organizations that typically offer outsourced services. An auditor's report details the service provider's ability to offer adequate controls and safeguards when they host or process data belonging to their customers.
Contact us at sales@esecuredata.com for our SOC 2 report.
ISO 27002
As a company, we have developed standard organizational security standards and effective security management practices. Our customers can feel reassured that their business and governance requirements are met.
Our security management guidelines include:
- Security policy
- Organization of information security
- Asset management
- Physical and environmental security
- Communications and operations management
- Access controls
- Information systems acquisition, development, and maintenance
- Information security incident management
- Business continuity management
- Compliance
PIPEDA
We are fully compliant with all mandatory PIPEDA provisions. These outlines include, but are not limited to:
- Consent is garnered for collection of personal information
- Collection of personal information is limited to reasonable purposes
- Limited use and disclosure of personal informations
- Limited access to personal information
- Stored personal information must be accurate and complete
- Designated role of the Privacy Officer
- Policies and procedures for breaches of privacy
- Measures for resolution of complaints
- Special rules for employment relationships
PHIPA
PHIPA is often considered the Canadian equivalent to HIPAA (Health Insurance Portability and Accountability Act). Customers should note that as part of PHIPA compliancy, information stored and user consent is given to the healthcare provider that obtains and maintains the data, not the hosting provider.
As an IT service provider, we ensure the following:
- To send a notification of any privacy breach to the customer as soon as possible
- To provide a plain language description of our services
- To have our own written privacy policies
- To prepare an audit trail feature to track the use of our database
- To have written risk assessment of our systems
eSecureData is 100% owned and operated in Canada. For additional information, visit www.ipc.on.ca or contact us at sales@esecuredata.com
COBIT5
COBIT5 is an industry leading IT framework for the governance and management of enterprise IT and represents a critical component of our compliance program, including the ability for clients to work directly with certified staff to help build and meet their specific IT requirements.
The COBIT5 framework is focused on several distinct areas that help meet specific compliance and governance criteria, including:
- Audit and assurance for managing vulnerabilities and ensuring compliance
- Risk management for evaluating and optimizing enterprise risk
- Information security to oversee and manage information security
- Governance of enterprise IT that ensures alignment of IT goals and strategic business objectives