As the cloud security leader serving the world’s largest and most valuable customers, we have directed significant resources to ensure that our data centers, hardware, software, and processes are secure, redundant, meet the most rigorous standards, and deliver the high performance even our most stringent customers require.
Our Global Cloud Infrastructure and data center hosting providers employ state-of-the-art physical security controls and we regularly engage independent auditors to ensure the highest level of compliance with best-of-breed frameworks and standards.
Netskope System & Organization Control (SOC) Reports are independent third-party examination reports that demonstrate how Netskope achieves key compliance controls and objectives. The purpose of these reports is to help you and your auditors understand the Netskope controls established to support operations and compliance.
FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. The program enables government agencies to adapt from old, insecure legacy IT to mission-enabling, secure, and cost-effective cloud-based IT.
Learn more about Netskope’s Authorization.
CIS is an independent, nonprofit organization with a mission to create confidence in the connected world. The Center for Internet Security, Inc. (CIS®) makes the connected world a safer place for people, businesses, and governments through their core competencies of collaboration and innovation. CIS is a community-driven nonprofit, responsible for the CIS Controls® and CIS Benchmarks™, globally recognized best practices for securing IT systems and data.
Netskope CSPM has received CIS Benchmark Certification, specifically:
The International Organization for Standardization 27001 Standard (ISO 27001) is an information security standard that ensures office sites, development centers, support centers and data centers are securely managed. These certifications run for 3 years (renewal audits) and have annual touch point audits (surveillance audits).
To request the ISO 27001 certification, please contact your account representative.
ISO/IEC 27017 ist ein Sicherheitsstandard, der für Anbieter und Benutzer von Cloud-Diensten entwickelt wurde, um eine sicherere Cloud-basierte Umgebung zu schaffen und das Risiko von Sicherheitsproblemen zu verringern.
To request the ISO 27017 certification, please contact your account representative.
The International Organization for Standardization 27018 Standard (ISO 27018) covers privacy protections for the processing of personal information by cloud service providers.
To request the ISO 27018 certification, please contact your account representative.
The CSA Security, Trust and Assurance Registry (STAR) encompasses the key principles of transparency, rigorous auditing, harmonization of standards, with continuous monitoring. STAR consists of three levels of assurance, which currently cover four unique offerings all based upon a succinct yet comprehensive list of cloud-centric control objectives in the CSA’s Cloud Controls Matrix (CCM). CCM is the only meta-framework of cloud-specific security controls, mapped to leading standards, best practices and regulations. CCM provides organizations with the needed structure, detail and clarity relating to information security tailored to cloud computing.
Cyber Essentials ist ein staatliches Informationssicherungssystem des Vereinigten Königreichs, das vom United Kingdom National Cyber Security Center (NCSC) betrieben wird. Es ermutigt Organisationen, bewährte Praktiken in der Informationssicherheit zu übernehmen. Cyber Essentials enthält auch ein Assurance-Framework und eine einfache Reihe von Sicherheitskontrollen, um Informationen vor Bedrohungen aus dem Internet zu schützen.
To request the UK Cyber Essentials certification, please contact your account representative.
For certain Services, for which we act as a data processor, Netskope has certified under the EU-U.S. Privacy Shield framework. For more details about the scope of the certification, click here.
The EU-U.S. Privacy Shield Framework was designed by the U.S. Department of Commerce and European Commission to provide companies on both sides of the Atlantic with a mechanism to comply with EU data protection requirements when transferring personal data from the European Union to the United States in support of transatlantic commerce
For certain Services, for which we act as a data processor, Netskope has certified under the EU-U.S. Privacy Shield framework. For more details about the scope of the certification, click here.
The EU-U.S. Privacy Shield Framework was designed by the U.S. Department of Commerce and European Commission to provide companies on both sides of the Atlantic with a mechanism to comply with EU data protection requirements when transferring personal data from the European Union to the United States in support of transatlantic commerce.
Cloud Computing Compliance Controls Catalog (C5) is a German Government-backed attestation scheme introduced in Germany by the Federal Office for Information Security (BSI) to help organizations demonstrate operational security against common cyber-attacks within the context of the German Government’s “Security Recommendations for Cloud Providers”.
To request the C5 copy please contact your account representative.
Netskope supports the customer’s compliance for Processing covered by the California Consumer Privacy Act of 2018 (the “CCPA”). To confirm applicable aspects of the CCPA in connection with Customer’s use of the Services, Netskope has provided this Compliance Statement. This notice supplements the Netskope Privacy Policy.
Netskope embraces the principles of Section 508 and acknowledges the needs of individuals with disabilities by publishing accessibility self-assessments of our products through the use of Voluntary Product Accessibility Templates (VPATs).
To request the Netskope VPAT, please contact your account representative.
Netskope ist in der hohen Kategorie des National Security Scheme (Esquema Nacional de Seguridad) zertifiziert. Diese Zertifizierung definiert die Sicherheitsstandards, die für alle Regierungsbehörden und öffentlichen Organisationen in Spanien sowie für die Dienstleister gelten, von denen öffentliche Dienste abhängen.
Click here to see our certification.
View Netskope’s Customer Data Processing Addendum (DPA)
To execute Netskope’s Customer DPA please follow the instructions on page 1 of the DPA. Please return an executed copy of the DPA to [email protected].
For any questions or queries or to request a copy of the DPA in an alternative format, please contact us at [email protected].
Netskope System & Organization Control (SOC) Reports are independent third-party examination reports that demonstrate how Netskope achieves key compliance controls and objectives. The purpose of these reports is to help you and your auditors understand the Netskope controls established to support operations and compliance.
FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. The program enables government agencies to adapt from old, insecure legacy IT to mission-enabling, secure, and cost-effective cloud-based IT.
Learn more about Netskope’s Authorization.
CIS is an independent, nonprofit organization with a mission to create confidence in the connected world. The Center for Internet Security, Inc. (CIS®) makes the connected world a safer place for people, businesses, and governments through their core competencies of collaboration and innovation. CIS is a community-driven nonprofit, responsible for the CIS Controls® and CIS Benchmarks™, globally recognized best practices for securing IT systems and data.
Netskope CSPM has received CIS Benchmark Certification, specifically:
The International Organization for Standardization 27001 Standard (ISO 27001) is an information security standard that ensures office sites, development centers, support centers and data centers are securely managed. These certifications run for 3 years (renewal audits) and have annual touch point audits (surveillance audits).
To request the ISO 27001 certification, please contact your account representative.
ISO/IEC 27017 ist ein Sicherheitsstandard, der für Anbieter und Benutzer von Cloud-Diensten entwickelt wurde, um eine sicherere Cloud-basierte Umgebung zu schaffen und das Risiko von Sicherheitsproblemen zu verringern.
To request the ISO 27017 certification, please contact your account representative.
The International Organization for Standardization 27018 Standard (ISO 27018) covers privacy protections for the processing of personal information by cloud service providers.
To request the ISO 27018 certification, please contact your account representative.
The CSA Security, Trust and Assurance Registry (STAR) encompasses the key principles of transparency, rigorous auditing, harmonization of standards, with continuous monitoring. STAR consists of three levels of assurance, which currently cover four unique offerings all based upon a succinct yet comprehensive list of cloud-centric control objectives in the CSA’s Cloud Controls Matrix (CCM). CCM is the only meta-framework of cloud-specific security controls, mapped to leading standards, best practices and regulations. CCM provides organizations with the needed structure, detail and clarity relating to information security tailored to cloud computing.
Cyber Essentials ist ein staatliches Informationssicherungssystem des Vereinigten Königreichs, das vom United Kingdom National Cyber Security Center (NCSC) betrieben wird. Es ermutigt Organisationen, bewährte Praktiken in der Informationssicherheit zu übernehmen. Cyber Essentials enthält auch ein Assurance-Framework und eine einfache Reihe von Sicherheitskontrollen, um Informationen vor Bedrohungen aus dem Internet zu schützen.
To request the UK Cyber Essentials certification, please contact your account representative.
For certain Services, for which we act as a data processor, Netskope has certified under the EU-U.S. Privacy Shield framework. For more details about the scope of the certification, click here.
The EU-U.S. Privacy Shield Framework was designed by the U.S. Department of Commerce and European Commission to provide companies on both sides of the Atlantic with a mechanism to comply with EU data protection requirements when transferring personal data from the European Union to the United States in support of transatlantic commerce
For certain Services, for which we act as a data processor, Netskope has certified under the EU-U.S. Privacy Shield framework. For more details about the scope of the certification, click here.
The EU-U.S. Privacy Shield Framework was designed by the U.S. Department of Commerce and European Commission to provide companies on both sides of the Atlantic with a mechanism to comply with EU data protection requirements when transferring personal data from the European Union to the United States in support of transatlantic commerce.
Cloud Computing Compliance Controls Catalog (C5) is a German Government-backed attestation scheme introduced in Germany by the Federal Office for Information Security (BSI) to help organizations demonstrate operational security against common cyber-attacks within the context of the German Government’s “Security Recommendations for Cloud Providers”.
To request the C5 copy please contact your account representative.
Netskope supports the customer’s compliance for Processing covered by the California Consumer Privacy Act of 2018 (the “CCPA”). To confirm applicable aspects of the CCPA in connection with Customer’s use of the Services, Netskope has provided this Compliance Statement. This notice supplements the Netskope Privacy Policy.
Netskope embraces the principles of Section 508 and acknowledges the needs of individuals with disabilities by publishing accessibility self-assessments of our products through the use of Voluntary Product Accessibility Templates (VPATs).
To request the Netskope VPAT, please contact your account representative.
Netskope ist in der hohen Kategorie des National Security Scheme (Esquema Nacional de Seguridad) zertifiziert. Diese Zertifizierung definiert die Sicherheitsstandards, die für alle Regierungsbehörden und öffentlichen Organisationen in Spanien sowie für die Dienstleister gelten, von denen öffentliche Dienste abhängen.
Click here to see our certification.
View Netskope’s Customer Data Processing Addendum (DPA)
To execute Netskope’s Customer DPA please follow the instructions on page 1 of the DPA. Please return an executed copy of the DPA to [email protected].
For any questions or queries or to request a copy of the DPA in an alternative format, please contact us at [email protected].
Eine datenzentrierte, kontextualisierte Digital- und Cyber-Risikostrategie ist für Ihren Erfolg unerlässlich. Um die Stärke Ihres Sicherheitsprogramms sicherzustellen, bieten wir für qualifizierte Kunden kostenlose Beratungen mit unseren Top-Strategieexperten an.
We take our responsibility to protect our customers’ information and the services we provide to them very seriously. Here, you may learn about our process and disclosed vulnerabilities.
At Netskope, we take our responsibility to protect our users’ information and the services we provide to them very seriously. Linked below is our Privacy Policy and Vulnerability Disclosure Policy.
The Privacy Statement describes how Netskope collects, uses, shares, and secures the personal information you provide. It also describes your choices regarding use, access and correction of your personal information.
The Vulnerability Disclosure Policy describes what systems and types of research are covered under this policy, how to send us vulnerability reports, and how long we ask security researchers to wait before publicly disclosing vulnerabilities.
Wir würden uns freuen, von Ihnen zu hören!