Skip to main content
Version: latest

Certification of Compliance

ISO 27001:2022

ISO 27001 logo

The International Organization for Standardization 27001 Standard (ISO 27001) is one of the leading international standards focused on information security. Spectro Cloud has obtained the ISO 27001:2022 Certification and undergoes periodic audits to maintain this certification. ISO 27001:2022 Certification provides assurances that Spectro Cloud is identifying and managing risks effectively, consistently, and measurably.

Below are some reasons why an ISO 27001:2022 Certification is important:

  • Customer trust and confidence: Clients and partners often look for assurances that their sensitive information is handled securely. Achieving ISO 27001:2022 certification can enhance customer trust and confidence, potentially leading to increased business opportunities.

  • Risk Management: By implementing ISO controls and measures, companies can mitigate these risks, protecting sensitive data from unauthorized access or disclosure.

  • Legal and regulatory compliance: Adhering to ISO 27001:2022 demonstrates a commitment to information security, which can help organizations comply with various legal and regulatory requirements related to data protection and privacy.

  • Global recognition: ISO 27001:2022 is globally recognized. This helps organizations communicate their commitment to information security across borders.

SOC 2 Type II

soc2.webp

The American Institute of Certified Public Accountants (AICPA) Service Organization Controls (SOC) Attestation provides assurances over control environments. Spectro Cloud’s SOC 2 Type II audit report provides assurances of our organization’s security and availability.

  • SOC 2 audits are an important component in regulatory oversight, vendor management programs, internal governance, and risk management.

  • These reports help our users and their auditors understand the controls established at Spectro Cloud to support operations and compliance.

  • Spectro Cloud’s SOC 2 Type II report is available upon request for any customers or prospects with a signed non-disclosure agreement in place.

FIPS 140-3

Spectro Cloud is validated against FIPS 140-3 with Certificate number 5061 in compliance with the Cryptographic Module Validation Program (CMVP).

Our Spectro Cloud Cryptographic Module is a general-purpose cryptographic library. The FIPS-enforced Palette VerteX edition incorporates the module in the Kubernetes Management Platform and the infrastructure components of target clusters to protect the sensitive information of regulated industries. Palette VerteX supports FIPS at the tenant level. For more information about the FIPS-enforced Palette edition, check out Palette VerteX.

Joint Certification Program

JPC-Compliance

We maintain certification under the Joint Certification Program, a program between Canada’s Department of National Defense and the U.S. Department of Defense, that helps to protect controlled Unclassified Military Critical Technical Data (MCTD) and technology from common adversaries. Our Joint Certification Program certification establishes the eligibility of Spectro Cloud, Inc., to receive technical data governed by the Technical Data Control Regulations (TCDR).