SOC 2

Last update: October 21, 2021

CloudFiles utilizes enterprise-grade best practices to protect our customers’ data.

 

Continuous Security Control Monitoring

CloudFiles uses Drata’s automation platform to continuously monitor 100+ internal security controls across the organization against the highest possible standards. Automated alerts and evidence collection allows CloudFiles to confidently prove its security and compliance posture any day of the year, while fostering a security-first mindset and culture of compliance across the organization.

 

Employee Trainings

Security is a company-wide endeavor. All employees complete an annual security training program and employ best practices when handling customer data.

 

Penetration Tests

CloudFiles works with industry leading security firms to perform annual network and application layer penetration tests.

 

Secure Software Development

CloudFiles utilizes a variety of manual and automatic data security and vulnerability checks throughout the software development lifecycle.

 

Data Encryption

Data is encrypted both in-transit using TLS and at rest.

 

Vulnerability Disclosure Program

If you believe you’ve discovered a bug in CloudFiles’ security, please get in touch at security@cloudfiles.io. Our security team promptly investigates all reported issues.