Certifications and Compliance

Certifications and Compliance

FORTRUST Certifications

Only a handful of data centers worldwide have achieved Tier III Gold certification – and FORTRUST is one of them. We also hold top ratings from the Better Business Bureau, and maintain key compliance measures, including HIPAA, PCI and many more.

tier III gold logo

The Uptime Institute of Professional Services awarded FORTRUST a Tier III Gold Certification of Operational Sustainability, which places FORTRUST in an extremely elite group of data centers in the world to achieve this certification. Learn more about Tier III Gold.

FORTRUST Tier III Constructed Certification

Uptime Institute of Professional Services awarded FORTRUST a Tier III Certification for Constructed Facility. Uptime Institute is the only group licensed to rate and certify data centers around the world in a vendor-agnostic, third-party certification process designed to rate and certify systems and operational sustainability. For more information on Tier Certification please visit the Uptime Institute website.

fortrust-cert-bbb

The Better Business Bureau has recognized FORTRUST’s excellence in providing business value to our customers by awarding an A+ rating for 10 years and counting. FORTRUST is the only BBB accredited data center in Denver. FORTRUST has also been awarded a Torch Award for Marketplace Trust by the Better Business Bureau (BBB) serving Denver/Boulder on November 5, 2015. The BBB Torch Award is a tribute to companies and organizations that exemplify a commitment to honest, fair and ethical practices.

The FORTRUST Tier III Gold Certification for Constructed Facility clearly illustrates the company’s commitment to excellence in data center design, implementation and ongoing management.”
-- Lee Kirby, President of Uptime Institute

Compliance

fortrust-cert-hipa-compliance

The FORTRUST Denver data center is HIPAA compliant. FORTRUST meets the requirements specific to data centers and colocation for HIPAA compliant customers and houses many HIPAA compliant companies within its Denver facility.

fortrust-cert-pci-dss

FORTRUST can help your business meet Payment Card Industry Data Security Standard (PCI-DSS) requirements. EKS&H, a qualified security assessor firm, performed the audit. In recognition of FORTRUST’s adherence to the requirements of the PCI-DSS Report on Compliance (ROC), EKS&H issued FORTRUST an Attestation of Compliance (AOC) with the PCI-DSS ROC for our physical security (requirement 9) and information security related policies and procedures (requirement 12). FORTRUST’s AOC is available for customers by request.

fortrust-cert-aicpa

Based on demonstrated processes, procedures and control objectives, FORTRUST has received a Service Organization Controls (SOC) 1 Type 2 report. The audit for this report is performed in accordance with the Statement on Standards for Attestation Engagements No. 16 (SSAE 16). This report validates that FORTRUST’s internal controls over financial reporting are designed and operating effectively.

FORTRUST is a Service Organization Control (“SOC”) 2 Type 2 reporting colocation facility. The SOC 2 report is an attestation report that is an evaluation of controls specific to the standards set forth by the American Institute of Certified Public Accountants (AICPA) Trust Services Principles. The SOC 2 report focuses on a business’s non-financial reporting controls as they relate to security, availability, processing integrity, confidentiality, and privacy of a system, as opposed to SOC 1/SSAE 16 which is focused on the financial reporting controls. The FORTRUST report is over security and availability.

The SOC 3 report provides assurance on a service provider’s security, availability, confidentiality, privacy or processing integrity. These reports are prepared to meet the American Institute of Certified Public Accountants (AICPA) Trust Services Principles and Criteria and are designed to meet the needs of customers and potential customers who want assurance about FORTRUST’s controls related to the Trust Service Principles provided in FORTRUST’s report. FORTRUST has chosen to report on controls related to the Security and Availability Trust Principles. Click here to review FORTRUST’s SOC 3 report.

fortrust-cert-glba

The Gramm-Leach-Bliley Act (GLBA) requires financial institutions to develop, implement, and maintain a comprehensive written information security program that protects the privacy and integrity of customer records.

The FORTRUST Denver data center is GLBA compliant. FORTRUST meets the requirements specific to data centers and colocation for GLBA compliant customers and houses many GLBA compliant companies within its Denver facility.

fortrust-sheildlogo-white

The Better Business Bureau has recognized FORTRUST’s excellence in providing business value to our customers by awarding an A+ rating for 10 years and counting.

Additional Resources

fortrust-is-bbb-accredited

FORTRUST is BBB Accredited

The Boulder/Denver Better Business Bureau connects consumers with businesses, brands, and charities they trust. In order to become an accredited entity, businesses, brands and charities must meet their eight standards for trust. FORTRUST is the only accredited data center in Denver, Colorado.

fortrust-what-does-it-mean-for-a-data-center-to-be-hipaa-compliant

WHAT DOES IT MEAN FOR A DATA CENTER TO BE HIPAA COMPLIANT

March 28, 2016

We take a look at HIPAA and examine who these laws affect and what organizations have to do to ensure compliance.

How to select a colocation provider?

Choosing a data center or colocation provider to house your company’s critical IT infrastructure is a difficult decision. Migrating your IT environment is risky, expensive, and time consuming, which is why you want to make the right choice the first time. This white paper reviews the top 10 criteria to discuss when touring data centers in order to make the best choice for your company.