Compliance

Today’s technology leaders are charged with securing and protecting the customer, employee, and intellectual property data of their companies in an environment of increasingly complex security threats. Companies are also responsible for complying with all applicable laws, including those related to data privacy and transmission of personal data, even when a service provider holds and processes a company’s data on its behalf.

Annex Cloud maintains a formal and comprehensive security program designed to ensure the security and integrity of customer data, protect against security threats or data breaches, and prevent unauthorized access to our customers’ data. The specifics of our security program are detailed in our third-party security audits and international certifications.

Third-Party Audits and Certifications

The Annex Cloud SOC 2 Type II report is an independent assessment of our control environment performed by a third party.

SOC 2 Type 2

The SOC 2 report is based on the AICPA’s Trust Services Criteria and is issued annually in accordance with the AICPA’s AT Section 101 (Attest Engagements). The SOC 2 report addresses all of the Trust Services Criteria (Security, Availability, Confidentiality, Processing Integrity, and Privacy).

ISO 27001

ISO 27001 is a globally recognized, standards-based approach to security that outlines requirements for an organization’s Information Security Management System (ISMS).

Annex Cloud has been ISO 27001-certified since 2019, which affirms our commitment to security.

thrid-party-audit