Nasuni Achieves Third-Party Enterprise Cybersecurity & Compliance Standards

April 25, 2023 | Jason Patterson Nasuni Achieves Third-Party Enterprise Cybersecurity & Compliance Standards

As security threats continue evolving and malicious actors work tirelessly to find new ways to inflict harm, the Information Security team at Nasuni is working even harder to protect our customers, company, and people. We’re growing our team of passionate, dedicated engineers and staffers, developing new tools and monitoring systems, and a great deal more. Yet a strong enterprise cybersecurity strategy should not be based solely on trust, so we have once again subjected our systems and approaches to third-party validation for an unbiased assessment.

Today we are happy to announce the successful completion of SOC 2 Type 1, CSA STAR Level 2, and HIPAA audits for 2022, in addition to the successful renewal of our ISO/IEC 27001:2013 certified provider status. What all of this means, in short, is that Nasuni is satisfying industry-standard best practices for data protection, security, and compliance. Here is how the certifications and audits break down:

SOC 2 Type 1

This examination, established by the American Institute of Certified Public Accountants, is designed to ensure the personal assets of potential and existing customers are and/or will be protected. Passing this test is an affirmation of an organization’s holistic approach to security and data protection, from infrastructure through people and policies. Later this year we will also be undergoing the audit for SOC Type 2 certification, which assesses the effectiveness of the controls over time.

CSA STAR Level 2

The Security, Trust, Assurance, and Risk (STAR) certification is validation of our commitment to cloud security competency and the cloud industry as a whole. You need to meet a number of prerequisites before achieving this standard, including ISO 27001 certification, and our technology and organization fell right in line with the requirements. This is to be expected given that cloud has been central to Nasuni’s mission, architecture, and security strategy from the outset.


The healthcare and health services space has been a growth industry for Nasuni as organizations look for more efficient and cost-effective ways to store, manage, and protect unstructured file data ranging from large, complex imaging files to basic documents. The HIPAA (Health Insurance Portability and Accountability Act of 1996) audit demonstrations that we meet the essential federal standards.


Together, what these audits and certifications show is that the most effective and comprehensive enterprise cybersecurity measures are in place for both Nasuni and our customers. This has been an interesting and intense time in the security space. The threat of ransomware has grown. The rise of remote and hybrid work has given malicious actors more opportunities. A validated, verified commitment to data security is now more important than ever, and these certifications are a clear demonstration of our focus and adherence to the highest standards.

If you’d like to learn more about our security practices, visit for more detailed information, documents, and reports.

Related Posts

April 17, 2024 Three Impediments to AI Success

Andres Rodriguez shares why enterprises need to get fit for AI and the top factors prohibiting their AI success.

, , , , , ,
April 16, 2024 Unlocking the Power of Nasuni Data with Microsoft Copilot Studio

Jim Liddle shares how Nasuni is educating customers on how to create customized Microsoft Copilot experiences with AI business tools that use a customer’s unstructured data set to unlock further business insights and revenue streams.

, , , , ,
April 10, 2024 What I&O Leaders Need to Know: Gartner’s 2024 Market Guide for Hybrid Cloud Storage

Lance Shaw shares insights from Gartner’s ‘Market Guide for Hybrid Cloud Storage’ as well as their projections for the market over the next few years.

, , , , , ,