- ISO 27001 certification and SOC 2 Type 1 compliance strengthens BeyondTrust’s leadership in Privileged Access Management
- Reflects BeyondTrust’s commitment to ensuring customer data is safe from the most sophisticated methods of intrusion for its 3,000+ cloud customers
ATLANTA, Sept. 29, 2020 (GLOBE NEWSWIRE) — BeyondTrust, the worldwide technology leader in Privileged Access Management (PAM), today announced it has successfully completed both the International Organization for Standardization (ISO) 27001 certification, and the Service Organization Control 2 (SOC 2) Type 1 audit. Achievement of these security milestones included a broad scope of BeyondTrust systems, including its internal controls and Endpoint Privilege Management (EPM) and Secure Remote Access (SRA) product portfolios. Achieving ISO 27001 and SOC 2 Type 1 compliance demonstrates BeyondTrust’s ability to ensure customer data is safe from the most sophisticated methods of intrusion. The highly detailed validation process verifies the effectiveness of BeyondTrust’s internal security operations, secure software development practices, and product capabilities. These extensive audits were conducted by Aprio, a nationally recognized, top 100 CPA-led business advisory firm.
Cloud-ready enterprises must quickly secure vulnerable endpoints to protect against malicious attacks like phishing, malware, and ransomware. This is particularly important today as most employees are working from home and require secure endpoints. BeyondTrust’s SaaS solutions allows enterprises to secure, manage, and support user devices and limit privileges, without hindering productivity or driving up service desk calls.
“Our customers now have certified third-party attestation that the design, implementation, and operation of BeyondTrust’s security and availability controls meet or exceed the criteria set by the American Institute of Certified Public Accountants (AICPA),” said Abdul Badruddin, Director of Governance, Risk and Compliance. “Earning the ISO 27001 certification and the SOC 2 Type 1 compliance reflects our ongoing commitment to customers in this era of increasing cyberattacks, particularly with the dramatically increasing remote workforce. These newly certified products enable organizations to secure end-user devices and prevent malware and ransomware from being introduced into their corporate environments.”
“After thorough review, BeyondTrust’s entity, as well as its Secure Remote Access and Privilege Management SaaS products fulfill the standards set forth in ISO 27001 and SOC 2 for protecting customer data,” said Dan Schroeder, Partner-in-Charge of Information Assurance Services at Aprio. “These reporting standards are industry best practice risk management reporting standards for security, privacy, and other operational controls for SaaS and other technology service providers.”
By uniting the broadest set of privileged security capabilities, BeyondTrust’s Universal Privilege Management approach simplifies deployments, reduces costs, improves usability, and reduces privilege risks. BeyondTrust’s Endpoint Privilege Management solutions enforce least privilege by removing excessive end user privileges and controlling applications on endpoints using Windows, Mac, Unix or Linux, and its Secure Remote Access solutions allow for organizations to increase their service desk capability as well as secure, manage, and audit both vendor and internal remote privileged access without the need for a VPN.
ISO 27001 is a globally recognized standard from the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) mandating numerous controls for the establishment, maintenance and certification of an information security management system (ISMS). Achieving the ISO 27001 standard certifies that BeyondTrust has the requisite information security controls in place to demonstrate its commitment to providing customers with the highest level of information security management.
The American Institute of CPA’s Trust Service Criteria for SOC 2 compliance mandates technology service organizations to document customer information concerning security, operational policies, processing integrity, and the privacy of customer data. SOC 2 Type I reports describe a service vendor’s systems, with attestation of their ability to meet relevant trust principles and controls for storing customer information.
BeyondTrust is the worldwide leader in Privileged Access Management (PAM), empowering organizations to secure and manage their entire universe of privileges. Our integrated products and platform offer the industry’s most advanced PAM solution, enabling organizations to quickly shrink their attack surface across traditional, cloud and hybrid environments.
The BeyondTrust Universal Privilege Management approach secures and protects privileges across passwords, endpoints, and access, giving organizations the visibility and control they need to reduce risk, achieve compliance, and boost operational performance. We are trusted by 20,000 customers, including 70 percent of the Fortune 500, and a global partner network.