A “Defense-in-Depth” Approach to Cloud Storage Compliance

Every company that stores data wants to know that that data is protected, but some organizations, such as schools, hospitals, and criminal justice agencies, have policies that require proof of much more stringent security measures.  

At Wasabi, we take regulatory compliance extremely seriously for the simple fact that it’s extremely serious to our users. Compliance standards like FERPA, HIPAA, and CJIS are essential to doing business in education, healthcare, and criminal justice, respectively, and Wasabi is proud to hold certificates for all of these. Wasabi Hot Cloud Storage is a great choice for businesses who need primary storage, secondary storage for backup or disaster recovery, and cold storage for data archival (with one low-priced, ultra-fast tier of service). We want organizations that deal with sensitive information to know that they can use Wasabi to store their most critical data in accordance with compliance regulations—all with confidence and peace of mind in knowing that their data is fully protected. 

Layers of security for maximum protection 

On the whole, compliance regulations require businesses to ensure that digital information, electronic records, and personally identifiable information (PII) are not deleted improperly, corrupted, tampered with, or disclosed to unauthorized individuals. That data must be protected in transit and at rest, throughout its lifecycle, regardless of whether it’s kept on-premises, in a hosted facility, or in the cloud. And those security requirements apply to every individual with access to sensitive information including contractors, private entities, non-governmental representatives, and cloud service providers, such as Wasabi. 

The Wasabi cloud storage service is engineered to ensure the protection, privacy, and integrity of customer data. The service is built and managed according to security best practices and standards, with CJIS and other industry compliance security guidelines in mind. To meet and exceed those guidelines, Wasabi uses a “defense-in-depth” approach to security, with a wide range of best practices and technologies to ensure the physical security of its facilities and to maintain the privacy, security, and integrity of electronic data and digital records. 

Physical security 

The Wasabi service is hosted in premier Tier IV data center facilities that are highly secure, fully redundant, and certified for SOC-2 and ISO 27001 compliance. Each site is staffed 24/7/365 with on-site security personnel to protect against unauthorized entry. Security cameras continuously monitor the entire facility—both indoors and outdoors. Biometric readers and two-factor or greater authentication mechanisms secure access to the building. Each facility is unmarked so as not to draw attention from the outside.