Concrete CMS Hosting passed SOC 2 Availability Audit

Concrete CMS Hosting passed SOC 2 Availability Audit


Sep 7, 2022
by lisan

When it comes to choosing a hosting provider, we know that finding one with proven reliability who cares about information security is absolutely essential!  Concrete CMS hosting strives to exceed industry standards for web hosting security and privacy. 

Concrete CMS Hosting went under the microscope by Marcum LLP to ensure that AICPA SOC 2 Availability controls, as well Security controls, are in place and operating effectively. We asked them to investigate the additional SOC 2 Availability trust services criteria this year to give our hosting clients confidence that they can rely on our cloud service to keep their websites and intranets up and running smoothly. 

The SOC 2 Type 2 Availability Trust Principle is an optional add-on to a SOC 2 Security audit which PortlandLabs undergoes annually. PortlandLabs is the founder/maintainer of the open source Concrete CMS and provides web and intranet hosting services for Concrete users. Concrete CMS itself, as well as Concrete CMS hosting, are in scope for our SOC 2 and ISO 27001 certifications! 

Our core value is “Building a Web for the Greatest Good”. Maintaining our SOC 2 certification shows that we are doing our best to do just that. Security incidents and breaches are expensive, embarrassing, and excruciating. Hence, companies that care about their business and protecting their customer information are demanding that their SaaS service organizations processing or storing customer data have SOC 2 compliance. Achieving SOC 2 proves that PortlandLabs and Concrete CMS take protecting client data seriously and that we have implemented security, privacy and availability internal controls to protect our clients as well as the Concrete open source community. 

Please contact us should you need a copy of our SOC 2 audit report. 

Report Description: Our SOC 2 Type II report outlines the extensive security and availability controls that PortlandLabs has implemented and continually operates in order to meet the community and customer expectations.By achieving this SOC 2 Type II certification, we have demonstrated that PortlandLabs’ (and Concrete CMS’) system is designed to keep both our clients’ and the Concrete open source community’s sensitive data secure and available.