Aiven is committed to providing premium level of security on all accounts, regardless of the size. To ensure quality, safety and integrity of information systems, Aiven maintains compliance with all major data regulations and is also ISO 27001 certified and SOC 2 compliant.
What this means for our customers
Aiven security certifications are meant to give our current and future customers confidence that we are capable of providing thorough information security and peace of mind that our customers' data is handled correctly and securely.
With the increased information security regulations, these certifications will make it easier to provide the needed data for security documentation.
ISO 27001 Certification
ISO/IEC 27001 is an information security standard that is part of the 27000 family standards which provides requirements for Information Security Management System(ISMS). ISO/IEC 27001:2013 is a standard providing requirements for implementing and maintaining an ISMS. It requires a systematic and continuous risk management process that ensures the confidentiality, integrity and availability of information.
If you meet the requirements, you are able to undergo a certification audit by an independent, accredited certification body. The audit is rigorous, involving,
1. Documentation, policies and processes review,
2. Verification of evidence and records, and
3. Personnel interviews.
Once certified, you are subject to a three year cycle comprised of two annual surveillance audits and a re-certification audit on year three to ensure continued compliance.
SOC 2 Certification
SOC 2 (System and Organization Controls) is especially beneficial when storing customer data in the cloud. It requires that companies establish and follow strict information security policies, procedures, and guidelines in place to ensure the security, availability, processing integrity, and privacy of customer data.
SOC 2 is further split into two types that are defined as follows:
- Type 1: policies are defined and documented, and the audit is conducted at a single point in time.
- Type 2: policies are defined and documented and are then verified by a third party over an extended period of time. It is therefore more strict and certification process takes 6 to 12 months.
Externally verified SOC 2 compliance ensures that Aiven meets this standard and securely manage and protect your data.
SOC 2 certification gives a higher level of assurance that Aiven has the highest levels of safeguards and procedures that ensure security of our customers' information
How to view or request Aiven security certifications
Aiven is continuously working on pursuing additional certifications to further demonstrate our commitment to information security. The current list of Aiven security certifications is available on Security and Compliance page where you can view and/or request security certifications.