Evolve IP has added International Traffic in Arms Regulations (ITAR) compliance to its cloud compliance and certifications. The company’s cloud platform has been verified through an independent third-party ITAR compliance review as well as a SOC2 review. Based on the findings of those audits, Evolve IP provides the required controls and security safeguards needed to meet, and in many instances exceed, ITAR compliance.
Designed to ensure national defense, ITAR covers the manufacture, sales, and distribution of defense and space-related articles and services on the United States Munitions List. Specifically related to cloud services, the Department of State’s Defense Trade Advisory Group stated that ITAR companies are permitted to store ITAR data in the cloud, and that a virtual private cloud model provides less risk than other cloud models.
The Evolve IP Compliance Cloud, a virtual private cloud, enables all of the requirements set by the trade advisory group including:
- Maintaining contractual obligations to locate all of the cloud infrastructure in the United States
- Utilizing only engineering administrative personnel that are U.S. persons
- Encrypting data during transmission to, within and from the cloud
- Encrypting data at rest (wherever located in the cloud) and,
- Providing the contracting party with control of user authentication and access to data
“The nature of today’s world demands that data is protected and highly secure and Evolve IP has, from the beginning, been unwavering in our commitment to compliance, security and reliability in the cloud,” says Guy Fardone, president, COO and founding partner of Evolve IP. “With The Evolve IP Compliance Cloud, companies can now take advantage of the many benefits of cloud computing while ensuring they meet or exceed the stringent compliance parameters set by ITAR.”