Welcome to Cloudways’ Trust Profile

Within this Profile, please find documentation which contextualizes Cloudways’ approach to securing customers’ applications and data. As a reminder, per the previously executed NDA, these materials may not be shared with third parties. Should you need to share these reports with your customer, please provide them with a link to the Trust Profile. 

SIG Questionnaire

Cloudways has completed the Standardized Information Gathering (SIG) questionnaire as a means of contextualizing our operational, security, privacy, and risk management practices. Please use this document to evaluate Cloudways’ controls, which are designed to complement those of our infrastructure partners. .

Certifications Through Cloud Partners

Cloudways collaborates with infrastructure-as-a-service (“IaaS”) providers, including AWS, Google Cloud, DigitalOcean, Vultr, and Akamai Technologies (formerly, Linode). These providers maintain their own globally recognized certifications, which extend to the infrastructure layer that Cloudways manages for customers. An overview of the certifications these providers maintain can be found below :

• AWS: SOC 1, SOC 2, SOC 3, ISO 27001, ISO 27017, ISO 27018, ISO 9001, ISO 22301, PCI-DSS, HIPAA, HITRUST CSF, FedRAMP

• Google Cloud: SOC 1, SOC 2, SOC 3, ISO 27001, ISO 27017, ISO 27018, ISO 27701, Global PRP, PCI-DSS, HIPAA, HITRUST CSF, FedRAMP

• DigitalOcean: SOC 2, SOC 3, Global PRP, CSA STAR Level 1, PCI-DSS, HIPAA

• Vultr: SOC 2, SOC 3, , ISO 27001,  ISO 27017, ISO 27018, CSA STAR Level 1, PCI-DSS, HIPAA

• Akamai Technologies (Linode): SOC 2, SOC 3, ISO 27001, ISO 27017, ISO 27018, ISO 27701, PCI-DSS, HIPAA, FedRAMP