Keep Content and Customer Data Secure with Acquia
The best digital experiences start with trust. Acquia provides a comprehensive platform to safeguard your content and protect customer data from day one.
Secure by Design
Designed to be highly secure, with a 30+ person security team, Drupal is trusted by the most mission critical websites in the world. 10K contributors means that bugs can’t hide and makes the platform one of the most secure and stable platforms on the market.
The Safest Platform for Drupal
Reduce the risk of security incidents with a fully managed platform tailored to protect your Drupal applications from malicious attacks.
Security & Governance at Scale
Managing hundreds or thousands of sites shouldn’t mean compromising on security. Scale efficiently while maintaining strong governance and access controls across all your digital experiences.
90%
reduction in security vulnerabilities
40%
reduction in audit preparation time
30%
increase in user retention rates
25%
average savings in operational costs
Digital Security Capabilities
Enabled Security Features
Secure out-of-the-box with security features like IPv6 Support, SSH Shell Access, and Customer WAF Support
Managed Security Services
Get Automated Drupal Security Updates, Vulnerability Scans, and Platform security audits and updates all personally managed by Acquia
Compliance Standards
Meet standards across a variety of industries with FedRAMP Authorization, PCI, HIPAA, GDPR, SOC Type 1 and SOC Type 2, and more
Enforce Roles & Permissions
Give users partitioned access and permissions to job-specific parts of the platform
Multisite Governance
Define, group, and manage content and website functionality, policies, and standards
Automated Global Updates
Enforce and automate global updates for all your sites, leaving no site vulnerable
Advanced Security Features
Get an adaptable system designed to meet your needs. Offering password policy and reset rules, IP whitelisting for access, audit log settings, and more.
Bot Manager
Detect unknown bots and compile real-time and historical reporting on your site bot traffic.
CDN
Speed up app delivery and ensure availability with 200+ PoPs, cut load times by up to 50% for static and dynamic content, and block DDoS attacks.
Edge Security
Thwart DDoS attacks before they reach your site, preempt threats in under 10 seconds, Web Application Firewall protects your site from threats, and beyond.
| SSAE18/ISAE 3402: Service Organization Control (SOC 1) Type II |
|---|
|
Statement on Standards for Attestation Engagement (SSAE) No. 18 is an attestation standard used to evaluate the design and operating effectiveness of Acquia’s information technology controls that impact our customers’ own internal controls over financial reporting. SSAE 18 is an American auditing standard issued by the American Institute of Certified Public Accountants (AIPCA). In order to meet the requirements of international accounting standards, Acquia receives a “SSAE 18/ISAE 3402 Combo Report.” The ISAE 3402 report provides coverage to support the financial reporting requirements of International organizations.
|
| Service Organization Control (SOC 2) Type II |
|---|
|
Acquia’s SOC 2 Report includes an assessment against the Common Criteria principles of Security, Availability, and Confidentiality.
|
| Payment Card Industry - Data Security Standard (PCI-DSS) |
|---|
|
For customers that process, store, or transmit cardholder data Acquia provides a PCI-DSS compliant hosting platform to ensure the protection of your customer's cardholder data in accordance with PCI-DSS version 3.2.
|
| Health Insurance Portability and Accountability Act (HIPAA) |
|---|
|
The Acquia Cloud Platform meets the requirements of the HIPAA Security Rule and HITECH for electronic Protected Health Information (ePHI).
|
| Federal Education Records Privacy Act (FERPA) |
|---|
|
The Federal Education Records Privacy Act (FERPA) mandates that institutions protect their students’ educational records and personal data. For Acquia’s higher education customers, they rest easy knowing that Acquia Cloud’s security and compliance controls provide FERPA-compliant digital experiences. Multi-layered cloud security controls, configurable user permissions, and built-in backups and disaster recovery make it easy to achieve FERPA compliance requirements and additionally, all Acquia Cloud services are monitored by a dedicated incident response team. FERPA. Check!
|
| ISO 27001 |
|---|
|
Acquia is ISO 27001 certified. ISO/IEC 27001:2013 (ISO 27001) is a globally recognized security standard driven by the implementation of an information security management system (ISMS). You can see our certification mark here: https://www.schellman.com/certificate-directory
|
| FedRAMP |
|---|
|
The Acquia Cloud Platform is FedRAMP compliant, and detail on authorizing agencies can be viewed in the FedRAMP Marketplace: https://marketplace.fedramp.gov/#/product/acquia-cloud?sort=productName
|
| How does Acquia Cloud protect my data from breaches or unauthorized access? |
|---|
|
Acquia Cloud employs advanced security measures like encryption, secure access controls, and continuous monitoring to safeguard your data. These layers of defense protect against breaches and ensure that only authorized users can access sensitive information.
|
| What compliance certifications does Acquia Cloud meet? |
|---|
|
Acquia Cloud is compliant with major security certifications, including GDPR, HIPAA, FedRAMP, SOC 1, SOC 2, and PCI DSS. These certifications demonstrate its ability to meet stringent regulatory and industry standards for data protection and security.
|
| Does Acquia Cloud offer real-time threat monitoring? |
|---|
|
Yes, Acquia Cloud provides proactive, 24/7 threat monitoring and detection. This allows enterprises to identify and respond quickly to potential threats, minimizing risks and keeping your applications secure.
|
| How does Acquia Cloud support encryption for sensitive data? |
|---|
|
Acquia Cloud uses encryption for data at rest and in transit, ensuring a secure environment for all operations. This protects sensitive information from interception and unauthorized access.
|
| Can Acquia Cloud help my business meet regulatory requirements? |
|---|
|
Absolutely. With built-in compliance tools and features tailored to global regulations like GDPR and HIPAA, Acquia Cloud simplifies the process of meeting regulatory requirements. This reduces your compliance burden and keeps you audit-ready.
|
Avoid data breaches and protect your customers.
Contact us to find the right solution.
