For the last nineteen years, our mission has been to bring affordable, reliable, and accessible digital services to local businesses in our community. Honesty and professionalism continues to be the driving force behind all decisions we make as an organization.
As of Monday, December 1st, 2021, SMARTWEBPROS.COM Inc will improve our Hosting Services for our clientele. Although initially planned for a future date, circumstances dictate action be put in place presently.
As you know, our team uses all resources at our disposal for your success. We handpick the best solution for your business with security, speed, and affordability at the forefront of our decision-making process.
SWPDIP Security Compliance Program
The SWP Security Compliance Program helps customers understand the robust controls that are in place at SMARTWEBPROS.COM Inc’s Digital Infrastructure Provider (SWPDIP) to maintain security and compliance while hosting their valuable assets. By tying together governance-focused, audit-friendly service features with applicable compliance or audit standards, SWPDIP Compliance Enablers build on traditional programs that help customers establish and operate in an SWPDIP security-control environment.
We comply with IT standards broken out by Certifications and Attestations; LSWP, Regulations and Privacy, and Alignments and Frameworks. Compliance certifications and attestations are assessed by a third-party, independent auditor and result in a certification, audit report, or attestation of compliance. SWPDIP customers remain responsible for complying with applicable compliance lSWP regulations and privacy programs. Compliance alignments and frameworks include published security or compliance requirements for a specific purpose such as a specific industry or function.
The Personal Information Protection and Electronic Documents Act (PIPEDA)
The Personal Information Protection and Electronic Documents Act (PIPEDA) is a Canadian federal law that applies to the collection, use, and disclosure of personal information in the course of commercial activities in all Canadian provinces as supplemented by substantially similar provincial privacy laws in Alberta, British Columbia, and Québec. PIPEDA also applies to international and interprovincial transfers of personal information. SWP Security Compliance Program does not have visibility into, or knowledge of what our customers’ users are uploading onto its network, including whether or not that data is deemed subject to PIPEDA regulations. However, SWPDIP Security Compliance Program uses the information available and all best practices necessary for our client’s PIPEDA compliance.
Third Party Audits That Validate the SWP DEEP Security Compliance Program’s Security Control Environment.
ISO/IEC 27001:2013
ISO/IEC 27001:2013 is a security management standard that specifies security management best practices and comprehensive security controls following the ISO/IEC 27002 best practice guidance. The basis of this certification is the development and implementation of a rigorous security program, which includes the development and implementation of an Information Security Management System (ISMS) which defines how SWPDIP perpetually manages security in a holistic and comprehensive manner. This widely-recognized international security standard specifies that SWPDIP do the following:
- We systematically evaluate our information security risks, taking into account the impact of threats and vulnerabilities.
- We design and implement a comprehensive suite of information security controls and other forms of risk management to address customer and architecture security risks.
- We have an overarching management process to ensure that the information security controls meet our needs on an ongoing basis.
SWPDIP has certification for compliance with ISO/IEC 27001:2013, 27017:2015, and 27018:2014. These certifications are performed by independent third-party auditors. Our compliance with these internationally-recognized standards and code of practice is evidence of our commitment to information security at every level of our organization. The SWPDIP security program is in accordance with industry-leading best practices.
ISO/IEC 27018:2019 Compliance
ISO/IEC 27018:2019 is a code of practice that focuses on protection of personal data in the cloud. It is based on ISO/IEC information security standard 27002 and provides implementation guidance on ISO/IEC 27002 controls applicable to public cloud Personally Identifiable Information (PII). It also provides a set of additional controls and associated guidance intended to address public cloud PII protection requirements not addressed by the existing ISO/IEC 27002 control set.
SWPDIP System and Organization Controls (SOC)
SWPDIP System and Organization Controls (SOC) reports are independent third-party examination reports that demonstrate how SWPDIP achieves key compliance controls and objectives. The purpose of these reports is to help you and your auditors understand the SWPDIP controls established to support operations and compliance. There are five SWPDIP SOC Reports:
SWPDIP SOC 1 Report, available to SWPDIP customers from SWPDIP Artifact.
SWPDIP SOC 2 Security, Availability & Confidentiality Report, available to SWPDIP customers from SWPDIP Artifact.
SWPDIP SOC 2 Security, Availability & Confidentiality Report available to SWPDIP customers from SWPDIP Artifact (scope includes Amazon Document DB only).
SWPDIP SOC 2 Privacy Type I Report, available to SWPDIP customers from SWPDIP Artifact.
SWPDIP SOC 3 Security, Availability & Confidentiality Report, publicly available as a whitepaper.
Contact us today for more information about how we protect one of the essential assets of your business during the pandemic and how we can improve it.