Press Release

Compliance with SOC 2, ISO, FedRAMP, and other stringent regulations validates strong internal controls

Kiteworks, which delivers data privacy and compliance for sensitive content communications through its Private Content Network, announced today that it successfully completed its SOC 2 Type II audit examination and ISO/IEC 27001:2013, 27017:2015, and 27018:2019 certifications for the Kiteworks platform. This marks the sixth consecutive year Kiteworks has attained SOC 2 certification and second consecutive year for the ISO certifications, demonstrating the company’s longstanding commitment to data security and compliance. Kiteworks also holds compliance achievements with various other standings, including FedRAMP Authorized for Moderate Level Impact.

The SOC 2 and ISO audits were conducted by Moss Adams, a professional services firm, in accordance with attestation standards established by the American Institute of Certified Public Accountants (AICPA). To maintain SOC 2 as well as ISO 27001, 27017, and 27018 compliance, Kiteworks must establish strict information security policies and procedures and adhere to them.

“Maintaining SOC 2 and ISO certification year after year requires an enormous company-wide effort and unwavering diligence,” said Frank Balonis, CISO and SVP of Operations at Kiteworks. “Our customers trust us with their most sensitive and confidential data. This certification, in addition to our long list of certification and compliance achievements, underscores our commitment to earning that trust.”

The SOC 2 audit examined Kiteworks’ internal controls for security, availability, processing integrity, confidentiality, and privacy. Per the auditor’s reporting, Kiteworks met the SOC 2 standards for each of these criteria. The three ISO examinations, which were also conducted by Moss Adams, found that Kiteworks’ information security management system conforms to established requirements.

Kiteworks’ SOC 2 and ISO recertifications corroborate Kiteworks’ longstanding commitment and achievements related to security and compliance standards. Notably, Kiteworks is the only secure content communications platform that is FedRAMP Authorized, having achieved FedRAMP Moderate Authorization six consecutive years. FedRAMP is widely considered one of the most rigorous security standards and authorized cloud service providers for use by U.S. federal agencies and contractors. By attaining FedRAMP authorization, Kiteworks demonstrated the ability to implement adequate security measures to protect sensitive government data in the cloud.

On top of FedRAMP, SOC 2, and the three ISO standards, Kiteworks is assessed to numerous other influential global standards and regulations, including the Information Security Registered Assessors Program (IRAP) Assessed to PROTECTED level status, Federal Information Processing Standards (FIPS) 140-2, the U.K.’s Cyber Essential Plus, and more. This extensive library of achievements provides transparency into Kiteworks’ data governance practices and risk mitigation strategies. It also assures customers their sensitive content is secured to the highest standards.

Kiteworks’ SOC 2 certification coupled with its robust compliance portfolio validate the company’s effectiveness in establishing rigorous controls for security and privacy. Customers that leverage the Kiteworks-enabled Private Content Network can confidently send and share sensitive content, including personally identifiable information (PII), protected health information (PHI), IP, financial documents, and merger and acquisition (M&A) details, within their organizations and with third parties.

To learn more about the Kiteworks-enabled Private Content Network, click here.

PR Contact

David Schutzman
Schutzman Public Relations
david@schutzmanpr.com