Uniskai by Profisea Labs announces SOC 2 Type II compliance

We are extremely excited to announce that Uniskai by Profisea Labs has been officially certified SOC 2 compliant by Ernst and Young Global Limited!

As quality committed, Profisea Labs prioritized data security while developing Uniskai, the most comprehensive AI-driven multicloud cost optimization platform. Regarding security standards, there's no better benchmark of excellence than SOC 2 certification, which is why we're so thrilled to be recognized as SOC 2 compliant!

What is the SOC 2 standard?

Developed by the American Institute of CPAs (AICPA), SOC 2 defines compliance criteria for managing customers’ data. The compliance guidelines ensure that all the products Profisea Labs provides meet the existing Trust Services Criteria:

As SOC 2 framework does not provide a candidate with a predefined set of conditions for security certification, each organization must demonstrate its own specific procedures related to the systems' s privacy, security, availability, processing integrity, and confidentiality, including basic facilities and system serving, staff, operations, etc. Only an independent observer is allowed to conduct SOC 2 compliance certification to guarantee the candidate’s dedication to data security.

Why does SOC 2 certification matter for Profisea Labs?

As best-in-class data security standards have always been Profisea Labs’ unshakable priority, SOC 2 report officially confirms that our internal procedures are perfectly architected and the system is operating efficiently.

Profisea Labs` production environment is completely separated from the customers’ environment and follows strict access and data processing procedures and processes. To be clear, our product uses an IAM role that helps enforce access control, which is fundamental to the security, confidentiality, and privacy principles of SOC 2.

Customers' personal information is encrypted at the test and in transfer, restricted by VPN and 2FA-authorized access.

Profisea Labs never accesses any customer data. We're dedicated to protecting our customers' interests and privacy by following the gold SOC 2 standards and best practices.

Behind the curtain: What exactly was audited?

The SOC 2 report provides information on how your data is protected at Profisea Labs.

For months, the EY Global auditing company has been assessing our organizational structure, production environment, general policies, and the company’s internal control regarding:

  • Risk assessment;

  • Software development lifecycle;

  • Logical and physical access;

  • Network infrastructure;

  • Security and architecture;

  • Data center security;

  • Customer support;

  • Availability procedures;

  • Confidentiality procedures;

  • Subservice organizations.

Profisea Labs` SOC 2 certification proves that our robust network infrastructure is reliable and provides secure real-time data communication between cloud service components.

Our customers can be 100% sure that we always provide appropriate network security levels. Profisea Labs' security standards and practices are backed by a multi-layered approach that incorporates practices for preventing security breaches and ensuring confidentiality, integrity, and availability.

Uniskai: Security comes first

Uniskai by Profisea Labs offers a wide range of features for DevOps and FinOps teams to manage and optimize costs across the entire organization by deleting unused resources, rightsizing instances, converting development and mission-critical machines into spots, scheduling automated hibernation, purchasing an optimal package of Reserved Instances and Saving Plans, etc.

Uniskai is a secure, reliable, and resilient platform designed from the ground up, leveraging best industry practices. Top-notch security also addresses our network and hardware infrastructure, information, database management system, application control, intrusion detection monitoring, etc.

At Profisea Labs, we are devoted to our dearest customers’ confidentiality. Therefore, preventing unauthorized access, disclosure, alteration, or destruction of sensitive personal information is our persistent dedication!