Security and compliance

SOC stands for Service and Organization Controls, is introduced by AICPA and is based on the Trust Services Criteria.

SOC 2 (Service and Organization Controls 2) is a type of audit report that attests to the trustworthiness of services provided by a service organization. It is commonly used to assess the risks associated with outsourced software solutions that store customer data online.

Kaleido has maintained SOC2 Type 2 compliance for three “trust service principles”—security, availability, and confidentiality.

With SOC2 compliance, the auditor confirms that the organization is following the controls that it has put in place and that the controls are appropriate to protect the interests of the organization and the privacy of its clients. For security-conscious businesses, SOC 2 compliance is a minimal requirement when considering a SaaS provider.

Kaleido maintains ISO 27001, 27017, and 27018 which are an information security standard published by the International Organization for Standardization, the world’s largest developer of voluntary international standards, and the International Electrotechnical Commission. Kaleido’s certification was issued by A-lign, an independent and accredited certification body based in the United States upon successful completion of a formal audit process.
‍
This certification is evidence that Kaleido has met rigorous international standards in ensuring the confidentiality, integrity, and availability of the Kaleido Blockchain as a Service full-stack platform.  Kaleido’s ISO 27001 certification includes control from ISO 27001 for cloud service providers and ISO 27018 for protection of personally identifiable information.