Compliance

Compliance without complication.

Our compliance department works with independent auditors and third-party organizations to meet the industry’s most stringent guidelines to provide you reports and information for your own compliance needs.

The physical and virtual controls of our facilities, network, and customer portal are an extension of your own, and we make it easy for you to get the information you need for your own audits.

Responsibility

ResponsibilityYou secure your infrastructure using your own internal controls, and you rely on us to do the same.

Stringent Controls

Stringent Controls We work with independent auditors and organizations to meet the industry’s strictest guidelines.

Easy Access

Easy Access Our compliance reports are made available to all customers via the customer portal.

To learn more about our compliance standards,

SOC Reports

SOC Reports

ARN Server provides SOC 1, SOC 2 and SOC 3 reports. These reports evaluate ARN Server's operational controls with respect to criteria set by the American Institute of Certified Public Accountants (AICPA) Trust Services Principles. The Trust Services Principles define adequate control systems and establish industry standards for services providers such as ARN Server to safeguard their customers' data and information. Customers may download the current ARN Server SOC 1 and SOC 2 reports from the customer portal or contact our sales team. Our SOC 3 report is available for general use and can be accessed here: ARN Server SOC 3 Report. .

Safe Harbor

Safe Harbor

Safe Harbor is an important way for U.S. companies to avoid experiencing interruptions in their business dealings with the EU or facing prosecution by European authorities under European privacy laws. Certifying to the safe harbor will assure that EU organizations know that your company provides “adequate” privacy protection, as defined by the Directive.

csa

Cloud Security Alliance – STAR Registrant

The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within cloud computing. One of the mechanisms the Cloud Security Alliance uses in pursuit of its mission is the Security, Trust, and Assurance Registry (STAR)—a free, publicly accessible registry that documents the security controls provided by various cloud computing offerings.

PCI Compliance

PCI Compliance

If you store or process credit card data then PCI Compliance and network security are of primary concern to your business. To ensure consistent standards for merchants, the Payment Card Industry Security Standards Council established Payment Card Industry (PCI) data security standards. These standards incorporate best practices to protect cardholder data, and they often require validation from a third-party Qualified Service Assessor (QSA). We help our customers meet their PCI compliance needs by providing an Attestation on Compliance from an independent QSA. The Attestation on Compliance can be used in conjunction with our SOC 2 report and ISO 27001 certification to demonstrate that the infrastructure meets the PCI controls. Customers and their auditors can use our reports to verify the PCI controls that are ARN Server’s responsibility are met.

For more information about and assistance to achieve, certify, and maintain PCI compliance for your ARN Server environment, please contact our sales team.

HIPAA Compliance

HIPAA Compliance

The U.S. Health Insurance Portability and Accountability Act requires specific security controls for businesses that store or process protected health information online. The ARN Server cloud platform meets all of the necessary requirements for HIPAA on the data center/service provider side.

For more information about and assistance to achieve, certify, and maintain HIPAA compliance for your ARN Server environment, please contact our sales team.

EU Model Clauses

EU Model Clauses

ARN Server offers its customers the ability to choose precisely where to locate data, with  Data Center on five continents. For customers who wish to transfer data originating in the European Economic Area to a country outside the EEA, ARN Server offers European Model Clauses in the form approved by the European Commission and European Union's data protection authorities. The European Model Clauses guarantee European customers that ARN Server supports the necessary data privacy protections in every location on the globe.

For more information and delivery of the EU Model Clauses for your ARN Server environment, please contact our sales team.

 

ARN Server Security
Incorporate our broad selection of hardware and software security resources to protect your cloud environment.
How to Request a SOC Report
Follow these simple steps to request and access a SOC report from SoftLayer for internal usage. .
The ARN Server Platform
Learn more about ARN Server’s data centers, network, and automation.
Chat with our team to find out more about our compliance standards.