You are using an unsupported browser. Please update your browser to the latest version on or before July 31, 2020.
close
You are viewing the article in preview mode. It is not live at the moment.
Please note: Support.getacvideo.com will be moving to help.getac.com on January 1st, 2025. Please update your bookmarks accordingly to avoid unplanned interruptions.
announcement close button
Home > 010 Legal > Compliance Certifications
Compliance Certifications
print icon
Stefan Bakken
Mar 11, 2024
views icon 34

ISO/IEC 27001:2013 Certified

ISO 27001:2013 is an information security management system (ISMS) international standard that provides a comprehensive set of requirements for maintaining confidentiality, integrity, and availability of data. Getac has ISO 27001 for its Getac Enterprise Cloud Services. Getac services certified under ISO 27001 are provided in accordance with ISO 27001 standards or alternative standards that are substantially equivalent to ISO 27001.

ISO/IEC 27017:2015 Certified

ISO 27017:2015 provides guidance on the information security aspects of cloud computing, recommending the implementation of cloud-specific information security controls that supplement the guidance of the ISO 27002 and ISO 27001 standards. This code of practice provides additional information security controls implementation guidance specific to cloud service providers.

ISO/IEC 27018:2015 Certified

ISO/IEC 27018:2015 is a code of practice that focuses on protection of personal data in the cloud. It is based on ISO/IEC information security standard 27002 and provides implementation guidance on ISO/IEC 27002 controls applicable to public cloud Personally Identifiable Information (PII). It also provides a set of additional controls and associated guidance intended to address public cloud PII protection requirements not addressed by the existing ISO/IEC 27002 control set

ISO/IEC 27036:2014 Certified

ISO/IEC 27036:2014 is a multipart standard offering guidance on the evaluation and treatment of information risks involved in the acquisition of goods and services from suppliers. The implied context is business-to-business relationships, rather than retailing, and information-related products. The terms acquisition and acquirer are used rather than purchase and purchasing, since the process and the risks are much the same whether the transactions are commercial.

SOC 2 Type II

SOC 2 Type 2 report is an internal controls report capturing how a company safeguards customer data and how well those controls are operating. Companies that use cloud service providers use SOC 2 reports to assess and address the risks associated with third party technology services. These reports are issued by independent third-party auditors covering the principles of Security, Availability, Confidentiality, and Privacy.

Getac’s SOC 2 Type 2 Report covers the AICPA’s Trust Services Principles and Criteria for Security, Availability, Confidentiality, and Privacy. The report also includes a mapping of the controls tested to ISO/IEC 27001:2013 Annex A / ISO/IEC 27002:2013, ISO/IEC 27017:2015, ISO/IEC 27018:2015, and CJIS (Criminal Justice Information Systems) guidelines. 

CJIS Compliant

The Getac Enterprise Video Management Solution has been implemented and designed to meet CJIS (Criminal Justice Enterprise Systems) compliance and attested by a third-party auditor.  Getac ensures that the security of our customer’s data is top priority, and we meet and exceed most security standards.  We are continually improving our security stance to keep in front of the constantly changing threats that our customers have.

Feedback
0 out of 0 found this helpful

close button
Custom PIN Entry
scroll to top icon