Security
Security is woven into ScalePad's DNA.
With SOC 2 Type II compliance, SOC 3 reporting, and ISO 27001 certification, ScalePad is committed to securing Partner and client data.
Certified and audited
Independent security assurance, visible at a glance.
ScalePad maintains independently reviewed security and compliance programs so MSPs can bring stronger proof into client conversations.
- Audited controlsSOC 2 Type II
Third-party audited controls for security, availability, processing integrity, confidentiality, and privacy.
- Certified ISMSISO 27001
A certified Information Security Management System for managing sensitive information across people, process, and technology.
Security resources
Security documentation and reports.
Access ScalePad security documentation, audit reporting, certification proof, and the public PGP key for sensitive vulnerability reporting.
Product Security Whitepaper
A practical overview of ScalePad security practices, controls, and safeguards.
Download WhitepaperSOC 3 Report
Public SOC reporting for Lifecycle Manager, Backup Radar, ControlMap, Lifecycle Insights, Quoter, and ScalePad Hub.
View SOC 3 ReportISO 27001 Certificate
Certification proof for ScalePad's Information Security Management System.
View CertificatePublic PGP Key
Use PGP to protect sensitive vulnerability reporting communications. Fingerprint: 35F6 520F B068 96F2 E144 E84F EC3D A4C5 B1CF 4FFD.
Download PGP KeySecurity program
Controls, reporting, and vulnerability disclosure.
ScalePad maintains audited controls, a certified information security management system, documented reporting paths, and compliance artifacts for Partner review.
Audited controls
ScalePad maintains SOC 2 Type II compliance, SOC 3 reporting, and ISO 27001 certification to provide independent validation of our security program.
Our SOC 2 Type II controls are designed to secure client data, support system availability, process data accurately, maintain confidentiality, and uphold privacy.
Certified information security management
ISO 27001 certification validates ScalePad's Information Security Management System: the people, processes, and technology used to manage sensitive information through a risk-based approach.
Partner and client assurance
Audited and certified vendors help MSPs demonstrate that entrusted data is handled under mature security practices and relevant regulatory expectations such as HIPAA, GDPR, or PCI DSS.
Vulnerability reporting
Report potential vulnerabilities to security{@}scalepad{.}com and follow industry best practices when sharing details.
Use PGP to protect sensitive communication. ScalePad's public PGP key is available to download here.
Fingerprint: 35F6 520F B068 96F2 E144 E84F EC3D A4C5 B1CF 4FFD.
SOC 2 report requests
Sharing a SOC 2 report requires a signed legally binding NDA. Contact your ScalePad Partner Development team member for more information.
How did ScalePad do it?
ScalePad used ControlMap to simplify our own compliance journey.
ScalePad uses ControlMap as a single platform to manage compliance internally across products and frameworks. The same multi-tenancy and templated framework model can help MSPs manage compliance programs for their own clients.