Security is part of Nasuni's identity. With a dedicated security team that has various certifications and years of experience, you can rest assured that we take security seriously.
Nasuni has adopted the Secure Controls Framework (SCF), which includes controls mapped to NIST 800-53, CSA CCM, SOC2, and ISO 27001:2022.
Use this page to gain an overview of Nasuni's information security capabilities.
Nasuni Customers and Prospects,
Nasuni has successfully completed another clean audit for SOC 2 Type II, HIPAA/HITECH, and the Cloud Security Alliance (CSA) Cloud Control Matrix. This report is now available for download at trustcenter.Nasuni.com. We anticipate the release of our ISO27001 with the 2022 controls in the coming weeks.
--Nasuni InfoSec and Compliance Team
With great excitement, on October 11th, 2023, Nasuni completed our SOC2 Type II audit covering December 21, 2022 to September 30, 2023. The full report is available in the Trust Center for download under NDA. This report also includes our HIPAA certification.
Nasuni recently underwent our 2023 Web Application and API Penetration Test. and the results are now available in the Trust Center.
Nasuni Customers,
On October 25th, 2022, OpenSSL announced a critical vulnerability for OpenSSL Version 3.x. While Nasuni leverages OpenSSL, we have reviewed and determined that the versions of OpenSSL used in all of our products and services are not impacted by this vulnerability. If you have any questions, please reach out to Nasuni Support.
As update to Nasuni to achieving our SOC2Type1 certification. We have completed our readiness assessment and confirmed that we are in good shape to pass our audit in December with little challenge. Once we get the certification back from the auditors, Nasuni will post it on the portal and at the same time post an update on this portal. The plan for SOC2Type2 is to have that audit completed after the mandatory 90-day observation period has lapsed.
If you think you may have discovered a vulnerability, please send us a note.