Nasuni Achieves Third-Party Security & Compliance Standards

April 25, 2023 | Jason Patterson Nasuni Achieves Third-Party Security & Compliance Standards

As security threats continue evolving and malicious actors work tirelessly to find new ways to inflict harm, the Information Security team at Nasuni is working even harder to protect our customers, company, and people. We’re growing our team of passionate, dedicated engineers and staffers, developing new tools and monitoring systems, and a great deal more. Yet a strong security strategy should not be based solely on trust, so we have once again subjected our systems and approaches to third-party validation for an unbiased assessment.

Today we are happy to announce the successful completion of SOC 2 Type 1, CSA STAR Level 2, and HIPAA audits for 2022, in addition to the successful renewal of our ISO/IEC 27001:2013 certified provider status. What all of this means, in short, is that Nasuni is satisfying industry-standard best practices for data protection, security, and compliance. Here is how the certifications and audits break down:

SOC 2 Type 1

This examination, established by the American Institute of Certified Public Accountants, is designed to ensure the personal assets of potential and existing customers are and/or will be protected. Passing this test is an affirmation of an organization’s holistic approach to security and data protection, from infrastructure through people and policies. Later this year we will also be undergoing the audit for SOC Type 2 certification, which assesses the effectiveness of the controls over time.

CSA STAR Level 2

The Security, Trust, Assurance, and Risk (STAR) certification is validation of our commitment to cloud security competency and the cloud industry as a whole. You need to meet a number of prerequisites before achieving this standard, including ISO 27001 certification, and our technology and organization fell right in line with the requirements. This is to be expected given that cloud has been central to Nasuni’s mission, architecture, and security strategy from the outset.


The healthcare and health services space has been a growth industry for Nasuni as organizations look for more efficient and cost-effective ways to store, manage, and protect unstructured file data ranging from large, complex imaging files to basic documents. The HIPAA (Health Insurance Portability and Accountability Act of 1996) audit demonstrations that we meet the essential federal standards.

Together, what these audits and certifications show is that the most effective and comprehensive security measures are in place for both Nasuni and our customers. This has been an interesting and intense time in the security space. The threat of ransomware has grown. The rise of remote and hybrid work has given malicious actors more opportunities. A validated, verified commitment to data security is now more important than ever, and these certifications are a clear demonstration of our focus and adherence to the highest standards.

If you’d like to learn more about our security practices, visit for more detailed information, documents, and reports.

Related Posts

May 23, 2023 World-class NPS: Nasuni Earns NorthFace ScoreBoard Award for 3rd Straight Year

Our commitment to Nasuni customers goes beyond simple support. According to the Customer Relationship Management Institute (CRMI), the performance of our customer support team has been world-class. CRMI audits and awards the NorthFace ScoreBoard Service Award, which is awarded to companies that deliver excellence in customer service. I'm very pleased to share the news that Nasuni has received this recognition for the third year in a row. The award is based on direct feedback and customer service ratings from actual customers.

, , ,
May 17, 2023 Stop Managing Infrastructure, Start Managing Data

For the last several decades, data has been inextricably bound to hardware. The stewards of data within large organizations were forced to focus on procuring, managing and maintaining the infrastructure on which that data resided. The cloud-driven evolution of capabilities in data storage and protection has rendered much of that once-critical legacy technology obsolete. Organizations can leverage more advanced data services through the cloud and do so without investing in hardware. You can stop managing infrastructure and start managing data.

, , , , ,
May 10, 2023 Why The Evolution Of Data Storage Matters

The data storage industry has evolved significantly in the last three decades, but what has happened in the last 10 years has been another order of change entirely. The maturation of the cloud and the related ecosystem of solutions are transforming data storage from a basic necessity into a strategic technology that can drive business innovation and cost reduction, reduce risk, facilitate hybrid office models, accelerate global workflows and uncover hidden insights.

, , , ,