All Your Sites, Migrated for Free. Limited Time Only Claim Now
migration_campaign_2026

Cloudways Trust & Compliance Center

Access Cloudways’ SIG Report and learn about our partner cloud providers’ certifications to better understand Cloudways’ commitment to protecting customer data and maintaining a secure infrastructure.

Standardized Information Gathering
(SIG) Report Overview

Please visit our Security Certifications Center to access our SIG Report.

SIG Report

The Cloudways Standardized Information Gathering (SIG) Report serves as a vendor risk assessment document widely adopted by enterprises. It provides customers and auditors with a trusted framework to evaluate Cloudways’ security posture. The report outlines Cloudways’ security, compliance, and operational controls, offering transparency into how we safeguard customer workloads and manage risk across our platform.

Partner Cloud Providers Certifications Snapshot

Cloudways collaborates with infrastructure-as-a-service (IaaS) providers, including AWS, Google Cloud, and DigitalOcean, to offer a resilient, high-performance foundation for customer applications. The following table illustrates the certifications our IaaS partners maintain to demonstrate security at the infrastructure level.

Certifications Available

AWS

SOC 1, SOC 2, SOC 3, ISO 27001, ISO 27017, ISO 27018, ISO 9001, ISO 22301, PCI-DSS, HIPAA, HITRUST CSF, FedRAMP

Google Cloud

SOC 1, SOC 2, SOC 3, ISO 27001, ISO 27017, ISO 27018, ISO 27701, Global PRP, PCI-DSS, HIPAA, HITRUST CSF, FedRAMP

DigitalOcean

SOC 2, SOC 3, Global PRP, CSA STAR Level 1, PCI-DSS, HIPAA

Vultr

SOC 2, SOC 3, ISO 27001, ISO 27017, ISO 27018, CSA STAR Level 1, PCI-DSS, HIPAA

Linode

SOC 2, SOC 3, ISO 27001, ISO 27017, ISO 27018, ISO 27701, PCI-DSS, HIPAA, FedRAMP

If you have other compliance-related questions, please reach out to [email protected]

Shared Responsibility Model

Cloudways believes that being a transparent security partner is essential to building customer trust. We’re here to support you on your journey to securing your product and protecting your customers’ data.

The Shared Responsibility Model (SRM) is a framework that delineates responsibilities between Cloudways and the customer in securing your product. Cloudways is a managed Platform-as-a-Service (PaaS) provider, which means we are responsible for the security of the platform (e.g., OS patching, firmware, and the technology stack), while customers are responsible for security within the platform. This includes, but is not limited to, application updates, credential management, and data compliance.

The following graphic illustrates the separation of responsibilities between Cloudways and the customer:

Separation of Responsibilities - Platform as a Service