Microsoft SSPA Audit Successfully Passed

Microsoft SSPA Audit Successfully Passed

Cloudiway has once again successfully passed the annual external audit for the Microsoft SSPA (Supplier Security and Privacy Assurance) compliance program. The audit proves that Cloudiway is performing its duties to a standard that can be trusted by Microsoft and their customers.

The purpose of this engagement is to perform specific test procedures concerning the design effectiveness of the security controls of Cloudiway and how it relates to Microsoft Personal and Confidential Data.

The Confidentiality, Integrity, and Availability of your data is Cloudiway’s top priority, and our goal to meet the high standards set forth by the Microsoft SSPA program shows our commitment to Information Security and Privacy not just for Microsoft and their customers but to all Cloudiway customers.

The SSPA audit includes performing the following activities:

  • Determining in-scope locations and applicable DPRs (Data Protection Requirements).
  • Specifying the policies and controls that meet the applicable requirements.
  • Designing, implementing, and documenting the controls to meet the DPR.
  • Providing evidence supporting the policies and procedures.

You can also review Cloudiway’s products on the Microsoft AppSource site:

Cloudiway Microsoft AppSource MarketPlace

Cloudiway is considered a Data Processor and does not directly collect sensitive Microsoft Personal Data, nor do we share data with Third parties.

Our customers are the Data Controllers and enter their data into their own projects. Cloudiway uses logical isolation (Azure SQL Databases) to segregate each customer’s data (migration lists, connectors, etc.), and the infrastructure is fully hosted in Microsoft Azure taking advantage of Azure’s SOC 2 Type II certified security controls.

The Cloudiway Disaster Recovery Plan (DRP) leverages the Azure Infrastructure and ensures that the production environment is available 24×7*365 with an SLA (Service Level Agreement) above 99.9%.

Technology is constantly changing, and staying compliant with data security standards involves continuous dedication and improvement to an organization’s information security program. We are excited to share this achievement with you and hope to share more good news regarding our security and compliance initiatives soon.