Security & Privacy
in the Cloud

The security and well-being of our customers underpins everything we do.

Having deployed SmartSimple in some of the most security conscious organizations in both public and private sectors, we continually pursue stronger security standards.

This experience goes to benefit all of our customers as we apply the same rigorous approach to security throughout our platform and organization.

Compliance in the Cloud

  • SmartSimple and its hosting partners are SOC 2 certified (SOC 2 is the most recognized compliance criteria for cloud vendors around the world).
  • SmartSimple maintains compliance certifications for SOC 1/SSAE 16/CSAE 3416/ISAE 3402 (formerly SAS70), SOC 2.
  • SmartSimple is compliant with the standards for PCI DSS Level 3, FIPS 140-2 encryption.
  • In February 2016, SmartSimple achieved a FedRAMP Authority to Operate (ATO) at the moderate impact level issued by the US Department of Defense.
  • SmartSimple supports both 2-factor and single sign on integration for enhanced authentication.
  • Information is encrypted at rest and in motion for increased security.

SmartSimple adheres to industry leading compliance and audit standards for your peace of mind.

Security in the Cloud is a Shared Responsibility

While we ensure our platform's security and the protection of your information, we all bear a responsibility throughout your data’s life cycle.

To really understand why security is a shared responsibility, you need to know the difference between two key concepts:

Security of the Cloud – these are the security measures that we, your cloud service provider, implement.

Security in the Cloud – these are the security measures you, our client, implement to safeguard your content and applications.

SmartSimple is responsible for

  • Protection of client information
  • Cyber security of client data
  • Cyber security of application
  • Cyber security of operating components
  • Physical security in office and hosting center

Client is responsible for

  • Maintenance of user accounts and access
  • System usage policies
  • Maintenance of security policies
  • Cyber security of client infrastructure
  • Physical security in client facilities

Better Together

Security requires a systematic approach; everyone needs to do their part. By working together, being aware of security best practices, and taking appropriate action, we create a safe, secure environment in the cloud.

SmartSimple is SOC 1 and SOC 2 Compliant

We subscribe to a high level of testing, training and compliance that ensures we meet very stringent standards, set by unbiased outside auditors. These professional auditors independently verify and certify that we are following regulated guidelines and are meeting our commitments. We are Service Organization Control (SOC 1 and SOC 2) compliant.

Top