Key Takeaways:
- FIRST IN THE CARIBBEAN
Cloud Carib is one of only six CSA Trusted Cloud companies worldwide to obtain CSA’s STAR Level Two Attestation. - THIRD-PARTY AUDIT
The STAR (Security, Trust, Assurance, and Risk) Level Two Attestation is earned by companies that have successfully undergone a third-party audit to verify their security practices and controls, thus assisting clients in identifying a cloud provider that demonstrates their commitment to holistic security. - DATA PROTECTION LAWS
This new level helps our clients prevent data breaches and cyber-attacks while complying with relevant laws and regulations.
Selecting a managed service provider may be more difficult than it seems, with prospective clients utilizing customer reviews, testimonials, or peer recommendations; however, none of these emphasizes how reliable a vendor's security is on its own. Although using these tools may be helpful in your selection, global standards of compliance like certifications granted by the Cloud Security Alliance or other third-party accreditations are more reliable in measuring security stance or appropriate compliance requirements.
At Cloud Carib, our focus has always been maintaining exceedingly high security and compliance standards along with service excellence. We’ve taken it a step further by achieving the coveted STAR Level 2 attestation from Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices for trusted cloud providers. Adding to our STAR Level One certification in 2021, this achievement demonstrates our company-wide commitment to meeting stringent standards, regulations, and frameworks executed by Fortune 500 companies.
Hear more from Deno Cartwright, Manager of Internal Audit and Compliance, and Scott MacKenzie, Cloud Carib CEO about what this accreditation means for our customers.
What is the STAR Program?
The Cloud Security Alliance (CSA) Security, Trust, Assurance, and Risk (STAR) is a program that provides a framework for cloud providers to demonstrate their commitment to security and compliance. This accreditation assists consumers in identifying cloud providers that demonstrate their commitment to holistic security and are aligned with their security requirements.
CSA STAR Programs are divided into two levels: Level One and Level Two.
Level One is awarded to providers who have completed a self-assessment questionnaire, which outlines their security practices and controls while Level Two is awarded to providers who have undergone a third-party audit, which verifies their security practices and controls.
In today's digital landscape, customers are increasingly concerned about the security of their personal and financial information, and they want to know that the companies or governments they do business with are taking steps to protect it. By achieving CSA STAR Level Two Attestation, Cloud Carib assures our clients that we have safeguarded our commitment to providing secure cloud computing and highlights the breadth of our security practices.
How is Level Two attained?
Here’s how we attained our Level Two status:
- Aligned our company’s cloud security practices with CSA's best practices according to their CCM.
- Published our cloud security practices and controls in a self-assessment questionnaire to CSA.
- Underwent an independent audit by a CSA-approved third-party auditor to verify our self-assessment questionnaire and that our SOC 2 Type 2 is accurate, up to date, and reflective of the Company’s security practice
- Met CSA's training, documentation, and policy development requirements.
- Completed a formal risk assessment process.
- Submitted a report of our risk assessment findings to the CSA for review.
Once these findings met CSA's requirements, we were granted our STAR Level Two Status.
Our Independent Third-Party Auditor was then independently tested and validated by CSA, and our Internal Audit and Compliance program was verified as conforming with SOC 2 standards through CSA STAR's audit of our Independent Third-Party Auditor.
But, what does it mean for you?
- Improved security posture: Data breaches are becoming more common, costing businesses billions of dollars each year. According to IBM, as of 2022, the global average cost per data breach amounted to 4.35 million U.S. dollars, an increase from 4.24 million U.S. dollars in the previous year, which does not include companies that never report their breaches. Data breaches not only result in financial losses but also reputational damage and legal liabilities. CSA Star Level Two demonstrates to our customers, partners, and regulators that we have implemented best practices in cloud security with a robust security program in place helping to alleviate the risk of data breaches, cyber-attacks, and other security incidents.
- Enhanced risk management: Attaining the CSA Star Level Two required a formal risk assessment process which helps to identify and mitigate potential risks to your business data and cloud environments.
- Better compliance: Many regulatory and industry frameworks require companies to have a robust security program in place. By earning CSA STAR Trusted Cloud + Level Two, Cloud Carib demonstrates that we are compliant with these laws and regulations, reducing the risk of legal penalties and other consequences for you and your clients.
- Improved customer satisfaction: As we pride ourselves on service excellence, clients and partners can feel a higher level of confidence in our ability to protect their data due to our CSA Star Level Two attestation.
Choosing a CSA STAR Level Two certified Cloud provider such as Cloud Carib is crucial for the security and integrity of your organization’s data. Cloud Carib has undergone a rigorous and independent audit, ensuring that our security practices and controls meet the highest standards, giving you the confidence that your preferred vendor has the knowledge and protocols in place to lower your future risk of a third-party breach.
Our commitment to security is continuous and evolving
Over the last 10 years, Cloud Carib has earned the trust of many clients, giving us the privilege of hosting their most valuable data, which is why we uphold global compliance standards and keep them at the forefront of how we develop our solutions, processes, and teams. As one of only six companies in the world with CSA STAR Trusted Cloud + Level Two Status, we are committed to staying ahead of the security curve through third-party accreditations and compliance audits. Our clients can trust that their data is being handled with the utmost care and attention, even as technology and threats evolve.
As Cloud Carib continues to grow, security compliance will remain at the forefront of how we work as security and data privacy are top priorities for our clients. Last year, we became SOC 2 compliant, providing our customers with more transparency regarding our security posture. Deno Cartwright, Cloud Carib Internal Audit and Compliance Manager stated, “Today, we take our commitment to security one step further with our Level Two CSA STAR attestation which demonstrates our dedication to maintaining industry-recognized security standards and protecting our customers’ services and infrastructure.”
He added, "Many customers frequently worry that regional businesses won't be able to adhere to the highest regulatory standards. However, this certification is proof that Cloud Carib and the Caribbean are not only competing but excelling internationally.
Want to learn more?
If you are a Cloud Carib customer, you are already taking advantage of our latest certification and can reach out to your Account Manager for more information. If you’re thinking about using Cloud Carib to safeguard and manage your security or infrastructure, you can chat with our sales team at +1 800 390 2806 or by using the 'GET IN TOUCH' button below.