Skip to main content

Security and Compliance at Worldstream

At Worldstream, we understand that security, compliance and operational excellence are not optional; they are essential.

As an infrastructure provider, Worldstream delivers and manages the hosting environment, network connectivity, and core infrastructure components, while our clients retain full control and authority over their operating systems, applications, and data. Our mandate is to ensure that the underlying infrastructure and supporting services operate securely, reliably, and in strict adherence to internationally recognized standards and regulatory requirements.

Trusted by organizations across fintech, healthcare, e-commerce, technology, and other sectors, we maintain a comprehensive portfolio of globally recognized certifications and independent assurance reports. Verified by accredited auditors, these credentials affirm our capability to operate a resilient and secure infrastructure platform. This enables clients to conduct their business reliably and securely, while also meeting their own compliance and regulatory obligations in a rapidly evolving landscape.

ISO 27001

  • Standard:
    2022/Amd.1:2024
  • Focus Area:
    Information Security Management
  • What it means for our client:
    Ensures that the infrastructure operates within a secure, risk-managed environment aligned with international best practices.
  • Latest audit certificate:
    13-11-2024

ISO 9001

  • Standard:
    2015/Amd.1:2024
  • Focus Area:
    Quality Management
  • What it means for our client:
    Demonstrates that infrastructure services are delivered consistently and reliably, supported by efficient processes and a culture of continuous improvement.
  • Latest audit certificate:
    20-01-2024

ISO 14001

  • Standard:
    2022/Amd.1:2024
  • Focus Area:
    Environmental Management
  • What it means for our client:
    Confirms systematic management of environmental responsibilities, including sustainability practices, resource efficiency, and reduction of environmental impact.
  • Latest audit certificate:
    20-01-2024

SOC1 / SOC2

  • Standard:
    ISAE3402 / ISAE3000
  • Focus Area:
    Internal controls regarding Trust services and Financial Reporting
  • What it means for our client:
    Provides independent assurance that infrastructure controls meet rigorous standards for financial reporting (SOC 1) and for security, availability, confidentiality, processing integrity and privacy
    (SOC 2).
  • Latest audit certificate:
    31-01-2025
    (Requestable as customer after signing an NDA)

NEN 7510

  • Standard:
    1:2017 + A1:2020
  • Focus Area:
    Healthcare Information Security
  • What it means for our client:
    Certifies that healthcare workloads run in an infrastructure environment certified to meet sector-specific security requirements, supporting compliant processing of patient-related data.
  • Latest audit certificate:
    25-07-2025

PCI-DSS

  • Standard:
    4.0.1:2024
  • Focus Area:
    Payment Card Data Security
  • What it means for our client:
    Validates that datacenter facilities meet payment industry security standards. Our certification proves the physical security of our locations, supporting clients in fulfilling their own payment industry compliance obligations.
  • Latest audit certificate:
    21-03-2025

More about our certificates

ISO 27001 – Information Security Management

The protection of information is central to our operations. This certification attest that we operate a robust Information Security Management System (ISMS) designed to safeguard the infrastructure that supports the systems and data of our clients.

ISO 9001 – Quality Management

This certification demonstrates that our Quality Management System (QMS) ensures consistent, reliable delivery of our infrastructure services. It establishes efficient processes, high availability and a continues improvement culture.

ISO 14001 – Environmental Management

This certification attests our effort manage our environmental responsibilities systematically through a comprehensive Environmental Management System (EMS), reducing our ecological footprint and optimizing resources used by our datacenter operations.

SOC1/ISAE3402 & SOC2/ISAE3000 – Assurance for Controls and Trust Services

Our SOC1 and SOC2 reports provide independent assurance that Worldstream’s infrastructure controls meet the highest standards for security, availability, confidentiality and operational integrity.

  • SOC 1 focuses on controls relevant to financial reporting, verifying that infrastructure, processes, and physical security measures we manage support the reliability of financial data.
  • SOC 2 evaluates our controls against the Trust Services Criteria, ensuring our operational practices safeguard systems and data according to rigorous security and compliance principles

As we do not have access to data stored on client assigned servers, this assurance report audits the environment the infrastructure operates in, including physical security, network security and process controls.

NEN 7510 – Healthcare Information Security

The NEN 7510 certification aligns with our ISO 27001 certification, it addresses the specific requirements of the healthcare sector for processing patient data. Our certification ensures that the infrastructure layer supporting healthcare is managed to the highest standards, even though we do not handle or process these records ourselves.

PCI-DSS– Payment Card Industrie Data Security Standard

PCI-DSS sets strict security requirements for payment card handling. While we do not store or process cardholder data ourselves, our certified infrastructure supports clients in meeting their own obligations by providing a secure, compliant environment.

Still have questions?

Please feel free to get in touch – we are happy to help with any questions you may have.