Skip to content
Contact Sales

Security & COmpliance

Committed To Data Security Because You Expect Nothing Less

Security at code42

We are committed to the security of your data.

The strongest encryption of data, both in transit and at rest, is what to expect from our services.

You also expect to be in compliance with government regulations, that your data is safe no matter which storage location you choose, and that your vendors follow the strictest security policies for their own data.

We’ve been meeting expectations since 2001. That’s why more than 50,000 businesses trust us with their data. Our customers include 7 of the world’s 10 largest technology companies and government agencies held to the highest standard of information privacy.

A Code42 guiding principle

Security is a guiding principle here at Code42. Utilizing industry standards and verification by independent auditors, we take a comprehensive approach to secure our products and solutions. As a Code42 customer, here’s what you can expect:

  • Code42 maintains end-to-end control of cloud stack software, server, storage, network, monitoring and security components
  • Rigorous quality testing of platform and product code that follow industry security best practices
  • Data encrypted in transit and at rest
  • Decryption of file contents only happens through the Code42 application – not a human being
  • Strong authentication protocols ensure only authorized customer access
  • Ongoing vulnerability tests by professional third party and internal teams
  • Full time monitoring of Code42 cloud environment with a dedicated response team
  • Comprehensive security awareness training program for all Code42 personnel

Code42 maintains compliance certifications and attestations on our product and infrastructure to validate our robust security program. Additionally, Code42 ensures and monitors appropriate security assurance obligations (SOC 1, SOC2, ISO27001) for its cloud data centers.  Learn more about our compliance certifications and standards below.

*Other organizations, such as managed service providers and resellers, may provide cloud storage using Code42 cloud hardware and software. The information on this page may not apply to the cloud data centers managed by those organizations. Please contact those organizations for information about the features of their cloud solutions.

How Code42 responds to industry security incidents

Learn More

Compliance at code42

Compliance is built in to everything we do.

Whether you’re protecting the data of patients, cardholders, or employees, you expect it to be easy and cost effective to comply with ever-changing requirements.

Compliance regulations abound across industries and geographies. Our platform helps you comply with regulations governing where and how your data is stored, who can access it, and who can decrypt it. Here is a guide on how Code42 Incydr™ supports your compliance.

All our deployment options provide:

  • Centralized policy management
  • Enterprise-wide administration with complete visibility of data and users
  • Tamper-proof audit trails
  • Compliance with data export laws
  • Data access strictly via strongly authenticated customer credentials
  • Permanent data deletion after your subscription ends
  • Single-click Compliance Settings to automatically restrict data access based on your regulations

Endpoint protection is a key component of most security and privacy regulations. Code42 helps customers meet their applicable compliance and risk management requirements.

Resources

Security & compliance documents for Incydr

Incydr empowers your security & compliance to the highest degree. Dig in to these resources to see how.

Compliance Documents

DFARS: Defense Federal Acquisition Regulation Supplement
HIPAA: Health Insurance Portability and Accountability Act
ITAR: International Traffic in Arms Regulation
GLBA: Gramm-Leach-Bliley Act
FERPA: Family Educational Rights and Privacy Act
GDPR:General Data Protection Regulation
CCPA:California Consumer Privacy Act
CMMC:Cybersecurity Maturity M

Certifications, Attestations & Standards

SOC Reporting: Service Organization Control Reporting
TrustE Privacy Verified Seal: Data collection and processing practices consistent with regulatory expectations
FedRAMP: The Federal Risk and Authorization Management Program

Compliance White Papers

Looking for copies of our SOC2, PenTest Summary, or ISO 27001 SoA audit?

Request Reports

Peer discussions on Governance, Risk & Compliance (GRC)

5 Ways GRC & Security Can Partner to Reduce Insider Risk

Read Blog

A 5-Step Game Plan for Integrated Insider Risk Management

Read Blog

GRC & Security – It’s Time to Bridge the Divide

Read Blog

Didn’t find what you were looking for?

Contact Code42 to learn more about why our customers benefit from cloud solutions without comprising their data security, regulatory or privacy requirements.

Contact Us