Author: Feather Bokker, Vice President Programs and Compliance
Data security and privacy have become paramount concerns for digital-first businesses and consumers alike. With the increasing frequency and sophistication of cyber threats, companies must take proactive measures to safeguard customers’ data infrastructures. At EdgeCore Digital Infrastructure, compliance certifications are not merely a box-ticking exercise; they represent critical business priorities.
So what compliance and certification processes are in place at EdgeCore? Here’s a rundown:
ISO 27001 Certification: Obtaining ISO 27001 certification is a multi-year process, and EdgeCore has invested considerable time and resources into achieving this standard. The certification addresses information security requirements within the organization and establishes an Information Security Management Committee (ISMC) responsible for overseeing the implementation and maintenance of the Information Security Management System (ISMS).
SOC 2 Type 2 Compliance: EdgeCore also complies with SOC 2 Type 2 standards, which in many aspects align with ISO 27001. SOC 2 Type 2 is a control-based framework that does not require an ISMS but focuses on trust service principles – such as password policies – designed to enhance security.
PCI-DSS Compliance: The Payment Card Industry Data Security Standard ensures the protection of credit card data. While EdgeCore may not specifically handle credit card data, we recognize the importance of PCI-DSS compliance within all data infrastructures and see this as a critical compliance standard to have at the disposal of our customer base.
Why We Do It – and Will Continue to Do It
We complete compliance and certification reports to ensure continual improvement of our services for our customers and to minimize risk, anticipate evolving customer requirements, and enable innovation.
- Quality Assurance to Minimize Risk: Compliance establishes a culture of consistency within data centers. By implementing standardized procedures, controls, and best practices, the likelihood of human errors, technical issues, and vulnerabilities is minimized. A well-organized data center facility ensures everyone understands their roles and responsibilities, facilitating smooth and rapid recovery in case of any unforeseen incidents. The reduction in operational risk provides customers with a sense of security and trust in their colocation provider.
- A Proactive Approach on Customer Needs: For every customer, we want to ensure they can place their trust in EdgeCore’s internal processes, knowing that we are a company who follows best practices to protect their valuable data and anticipate their needs, We take a proactive approach to ensure we’re passing independent reviews year after year, thereby demonstrating our commitment to staying up-to-date and anticipating customer needs.
- Stay in Lockstep on Innovation: As our digital landscape continues to expand and evolve at breakneck speeds, we share our customers’ commitment to future proofing with forward-thinking roadmaps that encompass compliance, technology, services, and customer priorities. As regulations and standards demand continuous improvement, we aim to ensure our compliance processes align to customers’ innovations with upcoming regulatory changes, and that we’re looking out to meet other priorities such as environmental sustainability and energy efficiency initiatives.
We utilize these compliance and certification processes internally as tools to outline controls that are working well and controls that could use improvement, and to create action to ensure those lagging in performance are reviewed and corrected. We want to ensure we are striking a balance for customers that reduces operational risk and increases efficiencies. We have frequent conversations and routine check-ins among our teams to ensure roles and responsibilities are being met, and that the journey towards big picture goals and outcomes are the north star.
EdgeCore’s unwavering commitment to compliance certifications showcases its dedication to providing top-tier security and reliability to its customers. Collaborating with customers through RFP and contract discussions allows us to understand their evolving needs and provide tailored solutions, and by adhering to ISO 27001, SOC 2 Type 2, and PCI-DSS standards, we’re demonstrating our willingness to meet the most stringent security controls regardless of industry and business need.
As a company, we remain proactive in evaluating additional compliance standards to enhance our offerings. This dedication to compliance is part of how EdgeCore remains committed to investing in continually improving security postures for our customers, assuring them they are entrusting their critical data and computing systems to a secure and dependable infrastructure provider.