CoreSite successfully completed its annual compliance examinations for the colocation services across 21 operating multi-tenant data centers. The SOC 1 and SOC 2 examinations are attestation standards issued by the American Institute of Certified Public Accountants, and both reports have been issued under the AICPA’s Statement on Standards for Attestation Engagements and equivalent international standards. ISO 27001 is an internationally recognized standard that outlines the requirements for constructing a risk-based framework to initiate, implement, maintain, and manage information security within an organization.
SOC 1 Type 2 and SOC 2 Type 2, ISO 27001, NIST 800-53, PCI DSS, HIPAA
NIST 800-53 is a publication that recommends security controls for federal information systems and organizations. The PCI DSS is a broad set of standards that require merchants and service providers that maintain or host systems that store, process, or transmit customer payment card data to adhere to strict security controls and processes. HIPAA requires that covered entities and business associates take strong measures to protect the privacy and security of protected health information.
CoreSite successfully completed the following annual examinations:
- System and Organization Controls (SOC) 1 Type 2 examination
- SOC 2 Type 2 examination
- International Organization for Standardization certification for Information Security Management Systems (ISO 27001)
- National Institute of Standards and Technology Publication Series 800-53 (NIST 800-53) attestation based on the high-impact baseline controls and additional Federal Risk and Authorization Management Program (FedRAMP) requirements for a subset of control families applicable to colocation services
- Payment Card Industry Data Security Standard (PCI DSS) validation
- Health Insurance Portability and Accountability Act (HIPAA) attestation for the HIPAA Security Rule and the Health Information Technology for Economic and Clinical Health Act (HITECH) Breach Notification requirements