Mojo Networks Becomes First Cloud WiFi Provider to Achieve SSAE-16 SOC 2 Certification, Extending Security to Application Management in the Cloud
MOUNTAIN VIEW, CA, May 15, 2017 – Mojo Networks, a pioneer in Cognitive WiFi™, announced today that the company has received SOC 2 Type 1 and Type 2 attestation for security, availability, and confidentiality of the Mojo Cloud-managed WiFi solution. This establishes Mojo as the first cloud WiFi vendor to achieve such attestation for practices in cloud-based WiFi management applications.
The shared responsibility model for cloud security requires both data center security and application management security. When hosting applications in a third-party data center, the data center operator is responsible for physical security, environmental protection, and logical security (cybersecurity) up to the server boundary. Controls at the application layer are the responsibility of the cloud service provider. According to the Amazon Web Services (AWS) Shared Responsibility Model: “While AWS manages security of the cloud, security in the cloud is the responsibility of the customer.”
“Just saying ‘SSAE 16 certified data center’ doesn’t cut it. Putting your data in the cloud and relying only on the security of the data center is like buying the safest car on the market and then driving without a seat belt,” said Rick Wilmer, CEO of Mojo Networks. “With our strong legacy as the leaders in Wireless Intrusion Prevention Systems (WIPS), Mojo is again leading the industry in cloud security for WiFi management. We’re proud to be the first and only cloud WiFi provider to deliver this level of security to our customers.”
According to Hemant Chaskar, CISO at Mojo Networks, “Enterprise WiFi customers need assurances from cloud application service providers about the protection of hosted applications and data (SaaS). A practical way to have this assurance is to verify the SOC seal of approval for the SaaS provider, in addition to the SOC seal of approval for the third-party data center (IaaS) used by the SaaS provider. Customers need to confirm the security posture of IaaS and SaaS in tandem. Mojo is the only cloud WiFi provider today that has the full cloud security chain completed from the data center to the customer-facing applications.”
Mojo’s SOC 2 Type 1 and Type 2 reports attest to Mojo’s practices in application management in the following areas:
- Security during software development lifecycle
- Provisioning, health monitoring, and change management for the cloud applications
- Security vulnerability scans on the application
- Boundary protection around applications (firewalls)
- Access control to applications and customer data therein
- Encryption of data at rest and in transit and data retention policies
- Disaster recovery readiness to migrate applications between data center islands
- Security incident response processes
“A SOC examination is a rigorous test for a company to pass," said Nelly Spieler, Senior Manager at Frank, Rimerman & Co., LLP. "Mojo Networks has worked hard over a six-month period to establish strong controls over the Mojo Cloud Managed WiFi Solution and effectively implement them. We reviewed and tested more than 60 controls related to security, availability and confidentiality.”
About Mojo Networks, Inc.
At Mojo, we’re shaking up the Enterprise WiFi industry. We know that customers are ready for a modern WiFi network that doesn’t rely on outdated controllers and proprietary hardware. Our cloud-managed WiFi solution is based on a radical vision for creating networks that reach new heights in performance, security, scalability, and ease-of-use. Founded in 2003 and headquartered in Mountain View, CA, Mojo Networks delivers brilliant WiFi to many of the world’s top brands and highest levels of government.
Mojo and Mojo Networks are registered trademarks of Mojo Networks, Inc. All third-party trademarks mentioned are the property of their respective owners.
Senior Director, Marketing