Security & Compliance

Your Business Relies on Our Security

and we take our commitment seriously.

A data security incident can quickly become front-page news, resulting in lost revenue, projects, and jobs as well as becoming a public relations nightmare. When the instance involves hospitality, it also risks damaging relationships with your customers, leaving everyone involved with a black eye.

We know your business depends on us keeping information secure. To ensure protection against cyber-threats, UniFocus holds its security measures to the highest standards. We stay on top of the latest in data security, making significant investments to comply with industry standards. We’re so open about our security, in fact, that you can request a copy of our audit reports to see how well we achieved our security goals.

To ensure we meet our customers’ security needs, we consistently maintain SOC 1 Type 2 and SOC 2 Type 2 certifications as well as GDPR compliance. So, you can rest easy knowing your business’ data are safe with us.

• SSAE 18 – Statement on Standards for Attestation Engagements
  This represents the latest compliances standards and supersedes SSAE 16, which effectively replaces SAS 70 as the authoritative guidance for reporting on service organizations. SSAE 16 was drafted with the intention and purpose of updating the US service organization reporting standard so that it mirrors and complies with the new international service organization reporting standard – ISAE 3402.
• SOC – Service Organization Control
  SOC reports were created by the American Inst. of Certified Public Accountants (AICPA) to set compliance standards and keep pace with the rapid growth of cloud computing and businesses outsourcing their services to third-party providers.
  • SOC 1 Type 2 Certified
    SOC 1 is a report on controls at a service organization relevant to a user entity's internal control over financial reporting.
  • SOC 2 Type 2 Certified
    SOC 2 is a report that focuses on controls at a service provider relevant to security, availability, processing integrity, confidentiality, and privacy of a system. It ensures that your data is kept private and secure while in storage and in transit and that it is available for you to access at any time. This is a crucial report for any type of data that you entrust with a third-party provider.
• GDPR (General Data Protection Regulation) Compliant
  GDPR is a regulation in EU law on data protection and privacy for all individual citizens of the European Union (EU) and the European Economic Area (EEA). It also addresses the transfer of personal data outside the EU and EEA areas. The GDPR primarily aims to give control to individuals over their personal data and simplify the regulatory environment for international business by unifying regulation within the EU.