SOC Compliance
| Cloud Service | Audit Type |
|---|---|
|
PhishLine
|
SOC 2 Type II
|
|
Backup
|
SOC 2 Type II
|
|
Barracuda MSP
|
SOC 2 Type II
|
|
Email Security Services
|
SOC 2 Type II
|
|
Barracuda Archiving Services
|
SOC 2 Type II
|
|
Sonian Archiving Services
|
SOC 2 Type II
|
|
Cloud Control
|
SOC 2 Type II
|
|
Barracuda RMM
|
SOC 2 Type II
|
|
SKOUT Managed XDR
|
SOC 2 Type II
|
|
Impersonation Protection
|
SOC 2 Type II
|
|
Incident Response
|
SOC 2 Type II
|
|
WAFaaS
|
SOC 2 Type II
|
FIPS Compliance
FERPA Compliance
If Customer is an educational agency or institution to which regulations under the Family Educational Rights and Privacy Act (20 U.S.C. § 1232g (“FERPA”)) applies, Customer understands that Barracuda may possess limited or no contact information for Customer’s students and the students’ parents. Consequently, Customer will be responsible for obtaining any parental consent for any end user’s use of the Cloud Service that may be required by applicable law and to convey notification on behalf of Barracuda to the students (or, with respect to a student under 18 years of age and not in attendance at a postsecondary institution, to the student’s parent) of any judicial order or lawfully-issued subpoena requiring the disclosure of Customer Data in Barracuda’s possession as may be required under applicable law.
HIPAA Compliance
Barracuda complies with any portions of HIPAA or the HITECH Act that are directly applicable to Barracuda. In particular, the Barracuda Cloud safeguards data in such a way as to satisfy HIPAA’s Security Rule. Customers wishing to establish a Business Associate relationship with Barracuda per 45 CFR 164.502(e) and 164.504(e) should request a Business Associate Agreement from Barracuda. The Business Associate Agreement defines commitments that Barracuda will make to maintain HIPAA and HITECH compliance.
