Compliance Programs and Certifications

SSAE 16 SOC 2 Certification

In today's business market, service organizations are looking for a partner who can help them deploy IT infrastructure services and have the necessary controls and measures that comply with their local and corporate requirements. One of Canadian Web Hosting's core missions is to help businesses meet their SSAE 16 certification requirements in accordance with AT 101 (formerly the SAS70 and CSAE 3416 Type II), which meets the new international service organizations standards for Type I and Type II reporting.

We achieve this by building a solid foundation around SSAE 16 requirements including physical security, data storage/security and control procedures that enable your company to feel confident that your data is in trusted hands. As a result, customers who have web hosting services with us including dedicated servers, virtual servers (VPS), cloud servers, cloud computing, cloud storage and/or shared hosting can feel confident that they are in a secure, reliable and effect environment that has the proper controls for internet operations and highly available IT services.

SSAE 16 SOC 2 Certification

The Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA) issues the SSAE 16 Type II (formerly SAS 70) to service organizations that typically offer outsourced services. An auditor's report details the ability for a service provider's ability to offer adequate controls and safeguards when they host or process data belonging to their customers.

ISO 27002

Critical to our ongoing business improvements, Canadian Web Hosting has implemented ISO 27002 established guidelines and principles for security management in our organization including designated best practices of control objectives and controls in the following areas of information security management:

  • security policy
  • organization of information security
  • asset management
  • physical and environmental security
  • communications and operations management
  • access controls
  • information systems acquisition, development and maintenance
  • information security incident management
  • business continuity management
  • compliance

As a company, we have developed and implement standard organizational security standards and effective security management practices, and can give our clients reassurance that their business and governance requirements can be met.

PIPEDA

Canadian Web Hosting is fully compliant with PIPEDA (The Personal Information Protection and Electronic documents Act) and helps companies meet the mandatory provisions of the protection of person information. These provisions include, but are not limited to, the following:

  • Consent must be garnered for collection of personal information
  • Collection of personal information limited to reasonable purposes
  • Limits use and disclosure of personal information
  • Limits access to personal information
  • Stored personal information must be accurate and complete
  • Designates the role of the Privacy Officer
  • Policies and procedures for breaches of privacy
  • Measures for resolution of complaints
  • Special rules for employment relationships

What This Means for Our Customers

Customers can now outsource web-hosting services including Dedicated Servers, virtual servers (VPS), CA Cloud Servers and/or Shared Hosting to a provider that already meets SSAE 16 requirements. In doing so, you can focus your company's time, money, and manpower on core functions that will drive additional revenue to your business. Here are some examples of Canadian Web Hosting's SSAE 16 compliance controls and physical security that our hosting environment supplements:

  • Facilities and asset management
  • Logical access and access control
  • Network and information security
  • Computer operations
  • Backup and recovery
  • Change and incident management
  • Organizational and administrative controls
  • Security policies, reporting, and monitoring
  • Physical and logical security

SSAE 16 Compliant Web Hosting and Security Features:

Canadian Web Hosting is the industry leader in delivering 100% Canadian web hosting solutions for businesses requiring a SSAE 16 certification with their web hosting environment. When combined with our enterprise-grade web hosting hardware, and a securehosting environment that features many leading technologies including our Unified Security Services, Canadian Web Hosting will help you achieve compliance.

  • SSL capability
  • Enterprise-level, application level protection
  • Hardware/Software firewall
  • IP-Restricted FTP
  • Managed backups with guaranteed retention
  • Advanced 24/7monitoring
  • Multi-level intrusion prevention (IPS/IDS)
  • Anti-Spam, Anti-Malware, Anti-Virus
  • Log Management