Compliance Standards

Exodata combines rigorous internal protocols with independent external assessments to ensure alignment with industry and regulatory compliance requirements, whether in data center or cloud settings.

Optimize Operations, Maximize Value: Exodata’s Business-Centric Approach

Your Safety is Our Priority

From comprehensive employee background checks and detailed record-keeping to four layers of physical security, Exodata employs meticulous measures that are externally audited to align with HIPAA, CJIS, and SOC 1 & 2 guidelines. We can also assist your organization in meeting compliance standards like PCI, SOX, or GLB, and our services are registered under the Canadian Controlled Goods Program (CGP).

If you have a specific compliance requirement not listed, feel free to reach out for a tailored solution.

Adherence to Compliance Standards: A Core Principle

Exodata’s services and infrastructure are engineered to meet a wide range of compliance standards and regulations across various sectors. These include, but are not limited to:

  • SOC 1 and 2
  • PCI, GLB, and SOX
  • HIPAA

SOC 1 and 2 Compliance

The SOC 1 and 2 standards are essential benchmarks for data center security and auditing, especially for companies in regulated industries like healthcare, finance, and government. Exodata has undergone rigorous evaluations by independent auditors to ensure we meet these standards. These audits scrutinize various aspects including physical and digital access, change management procedures, documentation, and how we interface with clients.

Type II vs Type I: What’s the Difference?

Exodata holds a Type II status, certifying that our facilities not only have robust internal controls but also that these controls have been operational and effective over at least a 12-month period. Conversely, Type I only gauges effectiveness on a specific date and does not consider long-term operational integrity.

Exodata is SOC 1 and SOC 2 compliant across all our facilities.

Compliance with PCI, GLB, and SOX

Our infrastructure and processes make us eligible for PCI, Gramm-Leach-Bliley (GLB), and Sarbanes-Oxley (SOX) compliance. However, it’s crucial to note that each specific deployment must also adhere to these standards. If your environment will handle financial data, our team of experts can assist in building a deployment that meets these compliance requirements.