Welcome to MacStadium's Trust Center. Our commitment to data privacy and security is embedded in every part of our business. Use this Trust Center to learn about our security posture and request access to our security documentation.
If you need to request that our GRC team complete a custom questionnaire or online assessment as part of your vendor evaluation process, please submit the document or URL through this trust center after requesting portal access above and then create security@macstadium.com as the user account in your vendor platform. Please be advised that email requests will not be fulfilled without a registered account and submission of your request through the trust center portal.
MacStadium's 2024 annual penetration testing engagement performed by Converge Technology Solutions (https://convergetp.com/cybersecurity/) has been completed and all reports are now available for review and download in the trust center .
Hello, MacStadium customers, MacStadium's annual ISO 27001/27017/27018 and SOC 2 Type II reports for the 12-month period ending on November 30th, 2024, are now available. All MacStadium customers are welcome to obtain a copy of the report for review via our Trust Center. Please reach out to security@macstadium.com if you have any questions.
Best Regards,
The MacStadium Security & Compliance Team
At MacStadium, we are committed to security, privacy, and transparency. We are writing to notify you that we have updated our Privacy Policy in accordance with the latest EU-US Data Privacy Framework provisions. As such, we encourage you to take a moment to review the updated policy.
These updates will take effect on October 1st, 2024. By using our services on or after that date, you’ll be agreeing to these revisions. You should take the time to read the policy in full, but the key updates include: • Compliance with the UK Extension to the EU-U.S. Data Privacy Framework principles for UK data subjects
Remember, you can use the controls we have described in the updated policy to limit the information we collect about you or how we use it.
Please note that we have also updated the list of MacStadium Sub-Processor Vendors that we use in the marketing, delivery and support of services to our customers. We perform reviews of the data privacy contractual commitments and security controls implemented by each of these vendors on a regular basis to ensure that the same commitments we make to you are maintained by our suppliers.
Updates to the sub-processor listing include: • The addition of ZenDesk as a new sub-processor used for the purpose of customer service & support • The addition of ProductBoard as a new sub-processor used for the purpose of product management customer engagement
If you have any questions or concerns, please contact us at privacy@macstadium.com.
Thank you,
MacStadium Data Privacy Team
MacStadium security & compliance Shared Responsibility Models are now available for download in the trust center documents listing.
Security and Compliance is a shared responsibility between MacStadium and the customer. This shared responsibility model can help relieve the customer’s operational burden as MacStadium manages security controls for the infrastructure supporting your dedicated cloud environment down to the physical security of the facilities in which the service operates.
The customer assumes responsibility and management of the infrastructure software and data within their dedicated private cloud environment (including updates and security patches), other associated application software as well as the management of the MacStadium provided firewall at the time of service handoff. Customers should carefully consider the services they choose as their responsibilities vary depending on the product technologies and services used, the integration of those services into their IT environment, and applicable laws and regulations. The nature of this shared responsibility is intended to provide flexibility and customer control.
Please refer to MacStadium's Consensus Assessment Initiative Questionnaire (CAIQ) for additional detailed information regarding customer, MacStadium, and 3rd party responsibilities.
MacStadium is proud to announce that it has joined the Cloud Security Alliance as a solution provider member listed in the Security, Trust, Assurance, and Risk (STAR Level-1) registry to demonstrate our ongoing commitment to promoting cloud security best practices for our company and our customers.
Please visit https://cloudsecurityalliance.org/star/registry/macstadium-inc/services/mac-cloud-compute to learn more.
If you need help using this Trust Center, please contact us.
If you think you may have discovered a vulnerability, please send us a note.