Nasuni Achieves Third-Party Enterprise Cybersecurity & Compliance Standards

April 25, 2023 | Jason Patterson Nasuni Achieves Third-Party Enterprise Cybersecurity & Compliance Standards

As security threats continue evolving and malicious actors work tirelessly to find new ways to inflict harm, the Information Security team at Nasuni is working even harder to protect our customers, company, and people. We’re growing our team of passionate, dedicated engineers and staffers, developing new tools and monitoring systems, and a great deal more. Yet a strong enterprise cybersecurity strategy should not be based solely on trust, so we have once again subjected our systems and approaches to third-party validation for an unbiased assessment.

Today we are happy to announce the successful completion of SOC 2 Type 1, CSA STAR Level 2, and HIPAA audits for 2022, in addition to the successful renewal of our ISO/IEC 27001:2013 certified provider status. What all of this means, in short, is that Nasuni is satisfying industry-standard best practices for data protection, security, and compliance. Here is how the certifications and audits break down:

SOC 2 Type 1

This examination, established by the American Institute of Certified Public Accountants, is designed to ensure the personal assets of potential and existing customers are and/or will be protected. Passing this test is an affirmation of an organization’s holistic approach to security and data protection, from infrastructure through people and policies. Later this year we will also be undergoing the audit for SOC Type 2 certification, which assesses the effectiveness of the controls over time.

CSA STAR Level 2

The Security, Trust, Assurance, and Risk (STAR) certification is validation of our commitment to cloud security competency and the cloud industry as a whole. You need to meet a number of prerequisites before achieving this standard, including ISO 27001 certification, and our technology and organization fell right in line with the requirements. This is to be expected given that cloud has been central to Nasuni’s mission, architecture, and security strategy from the outset.


The healthcare and health services space has been a growth industry for Nasuni as organizations look for more efficient and cost-effective ways to store, manage, and protect unstructured file data ranging from large, complex imaging files to basic documents. The HIPAA (Health Insurance Portability and Accountability Act of 1996) audit demonstrations that we meet the essential federal standards.


Together, what these audits and certifications show is that the most effective and comprehensive enterprise cybersecurity measures are in place for both Nasuni and our customers. This has been an interesting and intense time in the security space. The threat of ransomware has grown. The rise of remote and hybrid work has given malicious actors more opportunities. A validated, verified commitment to data security is now more important than ever, and these certifications are a clear demonstration of our focus and adherence to the highest standards.

If you’d like to learn more about our security practices, visit for more detailed information, documents, and reports.

Related Posts

May 23, 2024 Is Your Enterprise Cybersecurity Strategy Enough?

With enterprise cybersecurity needs on the rise due to artificial intelligence, future-proof your organization with the right ransomware protection solution.

, , , , , ,
May 15, 2024 Protecting Human Intelligence With AI

Russ Kennedy discusses how modern enterprises can uncover and extract knowledge from their distributed data through AI services while protecting human intelligence.

, , ,
May 08, 2024 The Emotional Rollercoaster of a Data Migration

Jacob Wallace addresses the common concerns and challenges that arise when an enterprise embarks on a cloud data migration.

, , , , , , , ,