April 15, 2019

To Whom it May Concern,

Re: Letter of Compliance

EpiGrid is a comprehensive IT solution provider specifically focused on the mechanical and design engineering industries with expertise in server hosting, network architecture optimization and implementation, as well as system administration and consultation.

We partner with Lume Cloud Solutions to provide all our cloud solution, hardware, and data center needs. Lume is an expert in providing Private Cloud, Data Center, and Hybrid Infrastructure Solutions, that are secure and compliance ready. Data security is at the core of what we do. As we work together to design and structure the solutions that meet your needs, security and compliance are the cornerstones.

Security and compliance in the cloud are achieved through careful planning and shared responsibilities. EpiGrid and Lume partner to provide the security and compliance “of” the cloud, while your company maintains the control and flexibility to direct security and compliance “in” the cloud. You continue to oversee the processes and controls for your platform, access management, network, data, and applications, while EpiGrid and Lume oversee the processes and controls for physical access and hardware.

All of our infrastructure solutions are compliance ready for: HIPAA, PCI, FISMA (NIST 800-53), GDPR, DoD CUI controls (NIST 800-171) and Privacy Shield. We can also architect solutions for clients that need FedRAMP, SOX and/or ISO 27001 compliance. Each of our data centers undergoes annual SOC 2 auditing to ensure that the essential physical access controls and security are maintained and tested by third-party auditors. Audit reports and bridge letters are available upon request.

Our employees are knowledgeable and well trained and compliance assistance as a service is available for clients that need help achieving their own internal compliance. We can also assist clients with vulnerability scanning, penetration testing, disaster recovery and business continuity management planning.

Cloud compliance and security are a shared responsibility and we are committed to ensuring that you are comfortable and confident with the data solutions we provide.

Sincerely,

Chad Garrish Parker Russell
EpiGrid; Chief Technology Officer Lume; General Counsel & Compliance Director