BeyondTrust announced it has successfully completed both the International Organization for Standardization (ISO) 27001 certification, and the Service Organization Control 2 (SOC 2) Type 1 audit. Achievement of these security milestones included a broad scope of BeyondTrust systems, including its internal controls and Endpoint Privilege Management (EPM) and Secure Remote Access (SRA) product portfolios. Achieving ISO 27001 and SOC 2 Type 1 compliance demonstrates BeyondTrust’s ability to ensure customer data is safe from the most sophisticated methods of intrusion. The highly detailed validation process verifies the effectiveness of BeyondTrust’s internal security operations, secure software development practices, and product capabilities. These extensive audits were conducted by Aprio, a nationally recognized, top 100 CPA-led business advisory firm.
Cloud-ready enterprises must quickly secure vulnerable endpoints to protect against malicious attacks like phishing, malware, and ransomware. This is particularly important today as most employees are working from home and require secure endpoints. BeyondTrust’s SaaS solutions allows enterprises to secure, manage, and support user devices and limit privileges, without hindering productivity or driving up service desk calls.
“Our customers now have certified third-party attestation that the design, implementation, and operation of BeyondTrust’s security and availability controls meet or exceed the criteria set by the American Institute of Certified Public Accountants (AICPA),” said Abdul Badruddin, Director of Governance, Risk and Compliance, BeyondTrust. “Earning the ISO 27001 certification and the SOC 2 Type 1 compliance reflects our ongoing commitment to customers in this era of increasing cyberattacks, particularly with the dramatically increasing remote workforce. These newly certified products enable organizations to secure end-user devices and prevent malware and ransomware from being introduced into their corporate environments.”
“After thorough review, BeyondTrust’s entity, as well as its Secure Remote Access and Privilege Management SaaS products fulfill the standards set forth in ISO 27001 and SOC 2 for protecting customer data,” said Dan Schroeder, Partner-in-Charge of Information Assurance Services at Aprio. “These reporting standards are industry best practice risk management reporting standards for security, privacy, and other operational controls for SaaS and other technology service providers.”
By uniting the broadest set of privileged security capabilities, BeyondTrust’s Universal Privilege Management approach simplifies deployments, reduces costs, improves usability, and reduces privilege risks. BeyondTrust’s Endpoint Privilege Management solutions enforce least privilege by removing excessive end user privileges and controlling applications on endpoints using Windows, Mac, Unix or Linux, and its Secure Remote Access solutions allow for organizations to increase their service desk capability as well as secure, manage, and audit both vendor and internal remote privileged access without the need for a VPN.