Compliance

ISO 27001


Virtustream is committed to helping ourcustomers mitigate risk and has developed a rigorous security program to systematically evaluate information security risks from both known and unknown sources, implement security controls across the cloud stack, and employ best practices and management processes to proactively access and continually improve controls. An independent third party certified public accounting (CPA) firm has certified that Virtustream’s information security management system (ISMS) conforms to the ISO 27001 standard. This certification is conducted and renewed annually.

For Virtustream Enterprise Cloud, Virtustream’s ISO 27001 certification includes ISO 27017 for cloud service providers and ISO 27018 for protection of personally identifiable information (PII).

Virtustream's ISMS governing the cloud services below is certified as ISO 27001-compliant:

Region: Global

About ISO 27001

ISO 27001 (ISO/IEC 27001:2013) is a specification for an information security management system (ISMS) set by the International Organization for Standardization (ISO): an international standard-setting body comprised of representatives from various national standards organizations. An ISMS framework of policies and procedures includes all legal, physical, and technical controls involved in an organization’s information risk management processes.