Nitro Blog

Nitro: SOC2 and HIPAA Certified, Three Years in a Row

cyber-document-security-1000x1000.jpg

Data security is our number-one priority. Nitro meets and exceeds some of the most stringent US, EU, and global security standards.

Data security is our number-one priority. Nitro meets and exceeds some of the most stringent US, EU, and global security standards. Nitro is fully committed to Privacy Shield, EU General Data Protection Regulation (GDPR) and the newly introduced California Consumer Privacy Act (CCPA) legislation.

To help ensure that our practices are not only up to date with current standards, but also tested and strengthened against the latest vulnerabilities identified by security professionals, each year Nitro completes multiple audits of our information security practices, conducted by independent and impartial industry experts.

We’re thrilled to announce that we’ve successfully achieved SOC2 and HIPAA certification for the third year running since launching the Nitro Productivity Suite in 2017! These rigorous assessments give you a justified, tangible and independently verified level of confidence in Nitro’s commitment to protecting your data every day. SOC2 and HIPAA are key milestones on ‘Nitro’s Information Security Roadmap’ every year.

We follow industry best practices to transfer, process, and store customer data alongside Nitro’s security principles.

Here are Nitro security principles:

  • We are secure by design: Always on. Always reliable. Always secure.
  • All customer assets must be protected on a “need-to-know” and “least-privilege” basis
  • Nitro security controls are pragmatic and risk-based
  • Security is an integral part of the design, creation, and implementation of all Nitro components
  • The tools we use support excellent security, reduce friction, and fit seamlessly into the way you work
  • We meet and exceed our regulatory compliance obligations through strict observance of standards

The Nitro security principles help us to earn and maintain our customers’ trust; particularly our principle of regulatory compliance.

The good news is you don’t have to choose between usability and security anymore. Nitro combines a user-friendly experience with a combination of automated tools and manual inspection to ensure constant oversight of security events. 65% of the 2019 Fortune 500 rely on Nitro. You can too.

Looking for more information about our stringent security? Visit our security page.

SOC is the Service Organization Control standard, controlled by the AICPA – American Institute of Certified Public Accountants; SOC2 is the AICPA Information Security compliance standard and is considered essential for doing business in the Cloud.

HIPAA is the U.S. Health Insurance Portability and Accountability Act – which governs how Health Service providers protect health & insurance data for individuals.