Information Security

MOCA Services implements a comprehensive information security program to ensure that our information systems and data are securely maintained and align with all applicable laws, regulations, information security best practices, and industry standards.

MOCA Services maintains the following certifications:

CMMC Level 2 (C3PAO)

MOCA Services maintains a secure CMMC Level 2 compliant environment audited and certified by a Certified Third-Party Assessor Organization (C3PAO).

GDPR

MOCA Services maintains compliance with the General Data Protection Regulation (GDPR) and other privacy laws, regulations, and requirements.

ISO 27001:2022

MOCA Services is certified annually by third-party audit against ISO 27001 information security requirements and standards.

Security Practices:

MOCA Services employs a layered information security approach to ensure threats are mitigated at multiple control points and the confidentiality, integrity, and availability of our systems and data are consistently and appropriately protected.

MOCA Services’ security risk management strategy, expectations, and policy are established, communicated, and monitored. 

MOCA Services implements security practices to identify and detect threats, risks, and vulnerabilities to our systems. Security processes include:

  • Internal and external security audit
  • Risk assessment (internal and third-party)
  • Security information and event management (SIEM)
  • Continuous monitoring and event analysis

MOCA Services implements security safeguards to ensure our systems and data are protected from risks, vulnerabilities, and threats. Security processes include:

  • Secure identity management and authentication
  • Role-based access controls
  • User information security awareness training
  • Data encryption (at rest and in transit)
  • Data loss prevention mechanisms
  • Secure system configuration
  • Endpoint monitoring and malware protection
  • Firewall and conditional access policies

MOCA Services implements response and recovery practices to ensure service continuity, system and data availability, and timely response to threats and incidents. Security processes include:

  • Incident Response Plan
  • Disaster Recovery and Business Continuity Plan
  • Annual response and recovery plan testing
  • Secure system and data backup
  • Alert and event monitoring, analysis, and response processes and playbooks