Compliance
Visualnet.ai Infrastructure employ a number of unique security protocols and technologies which help our clients comply with the most stringent of regulatory requirements. Combine those features with 24/7/365 armed security and mature operational controls, and Visualnet.ai becomes a valuable asset and partner for clients in highly-regulated industries.
Network and logical controls include:
- Multi-Factor Authentication
- Hardware and Software Firewalls
- Vulnerability Scans
- Anti-Virus and Anti-Spyware Protection
- Intrusion Detection and Prevention Service
- Industry Standard Use of IPSEC, VPN, and SSL Certificates.
Physical controls include:
- 24/7/365 Armed Security Teams
- Two Factor Authentication
- Biometric Identity Verification at the Equipment Rack Level
- Extensive Use of Video Surveillance Throughout Our Data Center Locations
SSAE18/SOC 1 Type 2
SOC 1 reports are provided to service organizations that are reporting on controls relevant to Internal Control Over Financial Reporting (ICFR). Type 2 reports sample data over a period of time, providing assurance of consistent compliance, versus using data from just a single point in time with Type 1.
SOC 2 Type 2
SOC 2 framework is a reporting option specifically designed for entities such as data centers, I.T. managed services, software-as-a-service (SaaS) vendors, and other technology and cloud computing-based businesses. SOC 2 frameworks address a comprehensive set of criteria known as the Trust Services Principles.
SOC 3 Type 2
Every business is unique. Our product delivery is designed to provide maximum value and efficiency from a sole-proprietor to multi-location corporations. Our focus is on your unique needs, and strive to provide value at every step of your growth.
HIPAA Compliance
Visualnet.ai infrastructure meet stringent requirements for compliance with the Health Insurance Portability and Accountability Act (HIPAA). ScaleMatrix complies with the rules that apply to our systems and levels of access which helps our clients comply with portions of HIPAA. BAA is available.
PCI DSS v3.2 AoC and Merchant Level 4/SAQ C-VT Certification
The Payment Card Industry Data Security Standard is followed by organizations that store, process, and/or transmit cardholder data. ScaleMatrix undergoes quarterly vulnerability and penetration testing through Sysnet Global Solutions.
Privacy Shield Certification
Visualnet.ai has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. Please view the Privacy Policy Update section in our Privacy Policy to view the certification to learn more and view our certification.
NIST SP 800-171 Compliance
Visualnet.ai compliance refers to an organization's adherence to the security requirements outlined in the NIST Special Publication 800-171, which mandates specific controls for protecting "Controlled Unclassified Information" (CUI) within non-federal systems.
CMMC (Cybersecurity Maturity Model Certification)
Visualnet.ai CMMC compliance is a system that measures an organization's ability to protect data. The Department of Defense (DoD) uses CMMC to ensure that contractors and subcontractors have the security to work with controlled unclassified information (CUI).
DFARS
Visualnet.ai DFARS (Defense Federal Acquisition Regulation Supplement) compliance is a set of cybersecurity regulations that defense contractors and suppliers must follow in order to be awarded new DoD contracts.
GDPR Compliance
Regulation on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (Data Protection Directive).
Visualnet.ai provides you with the proper compliance documentation that you need.
SSAE16 reports are delivered in hard copy. Electronic summaries of the reports are available upon request. PCI DSS AoC, Trustwave Certificate, and SSL server tests results are delivered electronically.
Third party audits and security questionnaires, Visualnet.ai policies on specific topics, employee-required training, responsibility matrices for HIPAA and PCI compliance, as well as industry-specific training, including CMS required training, and verifications of eligibility such as U.S. Government OIG and SAM Exclusionary searches are provided upon request.
Visualnet.ai audited controls matrix maps to a number of additional industry and compliance standards:
- Food and Drug Administration (FDA)
- U.S.-EU Safe Harbor (European Commission's Directive on Data Protection)
- Gramm-Leach-Bliley (GLBA)
- International Traffic in Arms Regulations (ITAR)
- Federal Information Security Management Act (FISMA)
Unless otherwise noted, clients are responsible for their own compliance controls above the hypervisor, i.e., within the virtualized layer where the operating systems, databases, applications and integrations points reside.