As a security company, we’ve built security into everything we do. Our number one focus is to help organizations gain insight into security risks. Our commitment to security and privacy is underscored by a number of industry certifications.

GDPR Readiness

The European Union’s General Data Protection Regulation (GDPR) protects European Union subjects’ fundamental right to privacy and the protection of personal data. It introduces robust requirements that will raise and harmonize standards for data protection, security, and compliance.

Protego Labs and all its data are hosted on Amazon Web Services (AWS). Clients in the EU and the UK will be automatically hosted on compatible servers and data originating from those clients will therefore not be transferred out of the EU, in accordance to the AWS policy.

SOC 2 Type II

The purpose of these reports is to help you and your auditors understand the controls established to support operations and compliance at Protego Labs.

We are currently undergoing auditing by a third party in order to demonstrate how Protego Labs achieves key compliance controls and objectives. We will allow you to access our SOC 2 report once we get certified. Stay tuned.

ISO 27001:2013 Self-Certified

ISO/IEC 27001 is the best-known standard in the family providing requirements for an information security management system (ISMS). Protego Labs is currently working towards achieving ISO/IEC 27001:2013 certification. Becoming certified will attest to our customers the integrity of Protego Labs’ Information Security Management System (ISMS). In the meantime, we can only attest for ourselves.

Cloud Security Alliance (CSA) STAR

A CSA STAR Consensus Assessments Initiative Questionnaire v3.0.1 (CAIQ) for Protego Labs,  is available for download on the Cloud Security Alliance’s STAR Registry website.

The CSA Security, Trust & Assurance Registry (STAR) is a free, publicly accessible registry that documents the security controls provided by various cloud computing offerings, thereby helping customers assess the security of cloud providers they currently use or are considering contracting with.

The latest version of the CAIQ, aligned to CSA’s Cloud Controls Matrix (CCM) v.3.0.1, provides answer to over 300 questions a cloud customer or a cloud security auditor may wish to ask of a cloud provider.

Serverless Security Blog

Read our Serverless Security Blog to learn more about the different serverless landscape and how to optimize security.