Evolve IP Secure Data Sovereignty and Security Management Practices
From its inception, Evolve IP recognized that security management and data integrity were not just important features and nice to haves, they are critical requirements demanded by enterprise customers and those subject to formal compliance regulations.
SOC 3 Certification
Evolve IP has received SSAE 16 SOC 2 Type II and SOC 3 Type II reports on our applicable products and services and technology and processes throughout our Operations Centers and Nationwide Data Centers. The audit for these reports are conducted in accordance with the Statements on Standards for Attestation Engagements No. 16 and utilize the Trust Services Principles, published by the AICPA, to audit and evaluate the effectiveness of a service organizations controls with respect to security, availability, data integrity, privacy and confidentiality. Evolve IP utilizes Grant Thornton to perform periodic audits and attestation of SOC processes and controls.
Evolve IP is also an Approved Scanning Vendor (ASV) of the PCI (Payment Card Industry) Security Standards Council. Approved Scanning Vendors are organizations that validate adherence to certain DSS (Data Security Standards) requirements by performing vulnerability scans of Internet facing environments of merchants and service providers. Evolve IP also has distinction in being designated as a former Qualified Security Assessor (QSA) with the PCI council. The Payment Card Industry (PCI) Qualified Security Assessor (QSA) designation is conferred by the PCI Security Standards Council to those individuals and organizations that meet specific information security education requirements, have taken the appropriate training from the PCI Security Standards Council, are employees of a Qualified Security Assessor (QSA) company Approved PCI Security and Auditing Firm, and will be performing PCI compliance assessments as they relate to the protection of credit card data.
CSA STAR – Participating Member
Evolve IP is also a registered and participating member of the CSA Security, Trust & Assurance Registry (STAR). The CSA was formed to encourage transparency of security practices within cloud providers. It is a free, publicly accessible registry that documents the security controls provided by various cloud computing offerings, thereby helping users assess the security of cloud providers they currently use or are considering contracting with. CSA STAR is open to all cloud providers, and allows them to submit assessment reports that document compliance to CSA published best practices. The searchable registry will allow potential cloud customers to review the security practices of providers, accelerating their due diligence and leading to higher quality procurement experiences. CSA STAR represents a major leap forward in industry transparency, encouraging providers to make security capabilities a market differentiator.
Experience you can trust
Evolve IP is a Managed Security Services Provider (MSSP) with longstanding experience in protecting, reporting and auditing enterprise customer networks. Products and services range from perimeter security (premise based or in the cloud) protection to ongoing vulnerability assessments and remediation.
These reports are available to qualifying customers to assist in audits, process design and provider competence evaluation. These reports attest that our security management and control program is appropriately designed and the the controls defined to safeguard customer data are operating effectively over time. This allows our customers to leverage the power of the cloud but be completely confident that the applicable processes, technologies and controls are in place to provide the highest level of protection and compliance enablement in securing, processing and storing any type of sensitive data. This includes financial reporting data, healthcare patient data (PHI, ePHI) as defined by HIPAA and credit card processing as defined by PCI DSS 2.0.
These reports, certifications and affiliations differentiate Evolve IP from other service providers by demonstrating that we understand and have mitigated the risks within our environment (and by extension, our Customers’ environments) by proactively deploying audited and attested technology, processes and appropriate controls. It is for these reasons that Evolve IP has lead the market in Cloud Services Securitization.