The mission of Edgio’s compliance is to help customers understand the security controls in place to protect customer content and user data. Edgio Compliance provides assurance related to the underlying infrastructure, but your organization owns the compliance initiatives related to anything placed on the content delivery network (CDN) infrastructure. Information provided by Edgio Compliance helps you determine our compliance posture and assess your organization’s compliance obligations within your industry and/or government requirements.
Edgio HTTP-Large is fully compliant under the Payment Card Industry Data Security Standard (PCI-DSS). Customers can improve the performance of their web applications that store, process, and transmit credit card information by running them on our PCI-compliant infrastructure.
To evaluate the effectiveness of security controls in place, Edgio is audited regularly by an accredited third party and can provide a Service Organization Controls 2 (SOC 2), Type II report, by request. The SOC 2 report is an evaluation of controls based on the criteria set forth by the American Institute of Certified Public Accountants (AICPA) Trust Services Principles. The Edgio SOC 2 defines leading practice controls relevant to security, availability, processing integrity, confidentiality, and privacy applicable to service organizations such as Edgio. This report provides additional transparency into Edgio’s security and availability based on a defined industry standard and further demonstrates our commitment to protecting customer data.
Edgio is ISO 27001 certified under the International Organization for Standardization (ISO) 27001 standard. ISO 27001 is a widely adopted global security standard that outlines the requirements for information security management systems. It provides a systematic approach to managing company and customer information that’s based on periodic risk assessments. To achieve the certification, a company must show it has a systematic and ongoing approach to managing information security risks that affect the confidentiality, integrity and availability of company and customer information.
The Motion Picture Association (MPA) has established a set of best practices for securely storing, processing, and delivering protected media and content. Media companies use these best practices as a way to assess risk and security of their content and infrastructure. Edgio has demonstrated alignment with the MPA Best Practices, and Edgio infrastructure is compliant with all applicable MPA infrastructure controls.
In 2011, the Cloud Security Alliance (CSA) launched STAR, an initiative to encourage transparency of security practices within cloud providers. The CSA STAR Certification is a rigorous third-party independent assessment of the security of a cloud service provider. The technology-neutral certification leverages the requirements of the ISO/IEC 27001:2005 management system standard together with the CSA Cloud Controls Matrix.
Get the information you need. When you’re ready, chat with us, get an assessment or start your free trial.