Dedicated Cloud has been issued SOC 1 (SSAE 16 and ISAE 3402) and SOC 2 type II certificates
Security is a top priority for the OVH group, which has been marketing its private cloud solution for businesses since 2010. While the SOC 1 and 2 type I certifications received by the group in 2014 are related to the procedures and controls to ensure the security and high availability of the Dedicated Cloud service, SOC 1 and SOC 2 type II are related to the operating effectiveness and rigour of these procedures and controls.
The audit was conducted by the independent firm KPMG over a six month period and covered the Dedicated Cloud service in 4 of the group’s datacentres: 3 in France and 1 in Canada. The auditors evaluated and validated the effectiveness of the group's controls based on the following points:
• security policies
• risk assessment and incident management processes
• physical and logical access
• service availability
• data privacy and integrity
These certifications are an assurance for our customers that we implement and follow the internal controls and measures to ensure the security of our information systems," explains Thibaud Saudrais, Quality Manager at OVH."