Skip to Main Content

Audited Infrastructure and Processes For World-Class Security

ThinkOn’s infrastructure is internally reviewed against our compliance controls in addition to working with third-party auditors to regularly test our controls and processes. ThinkOn is attested as compliant for several regulatory and cybersecurity standards, including several ISO standards and SOC 2.

ISO/IEC 27001:2013 Compliance

ISO/IEC 27001:2013 is a security administration standard that indicates security best practices and the application of exhaustive security controls based on a lengthy set of best practice rules.

This universally recognized security standard indicates that ThinkOn:

  • Methodically assesses its data security risks, considering the effect of organizational vulnerabilities
  • Outlines a complete suite of data security controls and different forms of hazard administration to address organization and design security dangers
  • Embraces a comprehensive library of administrative procedures to guarantee that the data security controls progressively meet our data security needs

ThinkOn’s ISO 27001 certification shows dedication to data security at each level. Certification with this prestigious universally accepted standard affirms that our security administration program is complete and follows best practices. This confirmation provides clarity and affirmation to clients assessing the comprehensiveness and quality of our security practices.

Certified by accredited agents from Raad Voor Accreditatie (RvA).

For more information on ThinkOn’s ISO/IEC 27001:2013 Certification, please reach out to us at or visit the official ISO/IEC 27001:2013 website

ISO 21017:2015 Compliance

The ISO/IEC 27017:2015 provides guidance on the information security controls applicable to the provision and use of cloud services by recommending:

  • Guidance for implementing cloud-specific information security controls that supplement relevant controls specified in ISO/IEC 27002 and ISO/IEC 27001
  • Additional controls with implementation guidance that specifically relate to cloud services
  • Controls and implementation guidance for both cloud service providers like ThinkOn and our cloud service customers

ThinkOn’s attestation to ISO/IEC 27017:2015 demonstrates our dedication to aligning with globally recognized best practices and validates the complete and precise controls that ThinkOn has in place specific for our cloud services.

Certified by accredited agents from Raad Voor Accreditatie (RvA).

For more information on ThinkOn’s ISO/IEC 27017:2015 Certification, please reach out to us at or visit the official ISO/IEC 27017:2015 website

ISO 27018:2019 Compliance

ISO/IEC 27018:2019 is a security administration standard that provides guidance aimed at ensuring that cloud providers offer complete protection of personal data in the cloud and privacy of their customers’ clients by safeguarding Personally Identifiable Information (PII) entrusted to them. ISO/IEC 27018:2019 provides an additional set of controls and associated guidance, which benefits ThinkOn customers by:

  • Providing visibility with respect to the countries in which our cloud services customers’ data is stored and full disclosure of the identities of external parties who work with ThinkOn that need to access your data.
  • Safeguarding customer privacy by complying with only legally binding requests for disclosure of data, and notifying the customer unless prohibited by law.
  • Ensuring data is not used or sold for marketing or advertising purposes without explicit consent. Because ThinkOn adheres to ISO/IEC 27018 for its cloud services, customers can store their data with confidence that it is never used for such purposes without explicit consent, and consent is not a condition for use of our services.

Aligning with this standard demonstrates that ThinkOn’s policies and procedures specifically address the privacy protection of our clients’ customer data.

Certified by accredited agents from Raad Voor Accreditatie (RvA).

For more information on ThinkOn’s ISO/IEC 27018:2019 Certification, please reach out to us at or visit the official ISO/IEC 27018:2019 website

SOC 2 Type II Compliance Report

SOC 2 compliance ensures technology-based service organizations that store customer data in the cloud have internal systems that ensure the security, availability, processing integrity, confidentiality, and privacy of customer data. SaaS and cloud providers use SOC 2 reports to identify and assess risks associated with third party technology services. SOC 2 is one of the most common requirements for compliance for SaaS companies.

A SOC 2 Type II report is an independent assessment that captures how ThinkOn achieves key compliance controls and objectives by examining its control environment, procedures and practices that guarantee oversight across your organization.

As one of the most common compliance requirements for technology-based companies in the cloud space, SOC 2 Type II ensures that ThinkOn’s information security measures align with best practices as they pertain to implementing and reporting on control systems.

Certified by accredited agents from Raad Voor Accreditatie (RvA).

For more information on ThinkOn’s SOC 2 Type II report, please reach out to us at or visit the official AICPA SOC 2 Type II website

CSA STAR Level 1 Certification

The Cloud Security Alliance (CSA) Security Trust Assurance and Risk (STAR) program provides organizations with a platform to assess and validate the security competencies of their internal environment and guidance on security best practices for cloud service providers. CSA STAR operates on an open certification framework and having completed the self assessment, ThinkOn is successfully awarded CSA STAR Level 1 status.

For more information on ThinkOn’s CSA STAR certification, please reach out to us at or visit the official CSA STAR website

The Government of Canada On ThinkOn

ThinkOn understands the Government of Canada’s needs for agility and power while balancing security, compliance, and regulation of sensitive data. By ThinkOn provides commercial cloud capability for all levels of government workloads, making it possible for the Government of Canada and Public Sector entities to adopt and utilize a common set of modern, technologies and software with rapid scalability.

ThinkOn is Canada’s only wholesale provider of cloud infrastructure and data management services with 3 data centres located within Canada to ensure complete data sovereignty of the Government of Canada, Public Sector entities, and Canadian citizens.

Read more about the by ThinkOn here.

Do You Have Questions About Our Certifications?

We are very proud of our teams’ dedication and perseverance for excellence. Speak with us today to learn more about how our experts can provide solutions to your cloud infrastructure and computing needs.

call to action decorative lines

Get Started with ThinkOn Cloud

Whether you know exactly what you are looking for or have no idea where to begin, our experts are available to provide the information and guidance you need to begin designing and constructing the cloud solution that best fits the needs of your business. 

Get in touch with us today!

decorative green lines