Dedicated to Excellence
BriteSky is dedicated to delivering custom-configured enterprise cloud solutions that simplify the process of storing, managing, and sharing large volumes of enterprise data securely. Our cloud solutions and managed cloud services are built on a commitment to excellence in everything we do and we continue to pursue certifications that enable us to deliver the highest quality products and services to our customers.
Service Organization Control 2 (SOC 2)
The BriteSky PODD architecture is built with the same level of cloud-based security used by banks, governments, and major credit card companies around the world to create private cloud infrastructures.
In addition, the BriteSky PODD complies with American Institute of Certified Public Accountants (AICPA) Service Organization Control 2 (SOC 2) Trust Services Principles for security, availability, processing integrity, confidentiality, and privacy.
The SOC 2 certification ensures that information security practices, policies, procedures, and operations meet or surpasses the rigorous SOC 2 standards. It shows our strong commitment to deliver high-quality services to our clients by demonstrating that we have the necessary internal controls and processes in place.
IT outsourcing operations services are increasingly important to SAP customers who want to ensure high-quality, sustainable, and cost-effective operation of their SAP solutions and environments. To support this requirement, SAP-certified partners need to provide high-quality outsourcing operations services and support. And, to ensure ongoing high standards, certified providers undergo a rigorous assessment of their delivery and support capabilities every two years. BriteSky has been an outsourcing partner for SAP since 2017, and currently holds certification in Cloud and Infrastructure Operations.
ISO/IEC 27000 Standards
The ISO/IEC 27000 family of standards help organizations keep information assets secure. Using this family of standards enables BriteSky to manage security of assets, such as financial information, intellectual property, employee details and information entrusted to BriteSky by third parties.
ISO/IEC 27001 is the best-known standard in the family. It specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS) within the context of an organization. It also includes requirement for the assessment and treatment of information security risks tailored to the needs of the organization.
ISO/IEC 27017:2015 provides additional cloud-specific implementation guidance based on ISO/IEC 27002 and ISO/IEC 27001 and provides additional controls to address cloud-specific information security threats and risks considerations. This code of practice provides cloud service specific controls, implementation guidance and other information intended to mitigate the risks that accompany the technical and operational features of cloud services.
ISO/IEC 27018:2014 is a code of practice that focuses on the protection of personal data in the cloud. Based on ISO/IEC 27002 it provides implementation guidance on controls applicable to public cloud Personally Identifiable Information (PII). It also provides a set of additional controls and associated guidance intended to address public cloud PII protection requirements not addressed by the existing ISO/IEC 27002 control set.