The Elastica Cloud
Business-Ready and Secure
The Elastica Cloud – A Commitment to Uptime, Performance and Security We developed the Elastica cloud platform from the ground-up, leveraging multiple data centers to ensure high redundancy and availability and meet our customer commitment to uptime and performance.
Elastica uses best-in-industry commercial security products for daily scanning of its environment and services. We also engage professional security vendors to perform third party penetration tests and audits of our environment on an annual and bi-annual basis, respectively, while internal system scans are performed daily.
Elastica uses multiple data centers to provide redundancy. The Elastica data centers are in geographically distributed regions and are highly redundant in themselves.
Compliance and Internal Controls: SOC 2 Type-2
Elastica CloudSOC platform meets the criteria for the trust services principles set forth by the American Institute of Certified Public Accountants (AICPA) Trust Services Principles (AICPA’s) under the Service Organization Controls 2 (SOC-2) standards. The trust services principles’ described in the AICPA’s guidelines define the essential practice controls relevant to availability, security, confidentiality, privacy, and integrity that are pertinent to service organization such as Elastica. The security, availability, and processing integrity criteria are related to the controls system, and the confidentiality and privacy criteria are related to the information processed by the system. SOC-2 report validates the operating effectiveness of all the system controls related to service design by providing independent assurance regarding compliance and internal controls. The SOC-2 report demonstrates our commitment to protect customer data by implementing the operational controls in accordance with trust services principles and assurance criteria thereby providing a transparency into organization control environment by articulating information in a structured manner.
Secure Data Handling and Destruction
Elastica has taken a simple, no nonsense approach to security: no device capable of holding data may ever leave a data center intact – it must be physically destroyed following the techniques detailed in the DoD 5220.22-M (National Industrial Security Program Operating Manual) or NIST 800-88 (Guidelines for Media Sanitization).