Surfshark’s no-logs statement gets verified by Deloitte

To let the Deloitte report speak for itself, here’s what it says: “Based on the procedures performed and the evidence obtained, in our opinion, the configuration of IT systems and management of the supporting IT operations is properly prepared, in all material respects, in accordance with Surfshark’s description of its no-logs policy.”

The auditors from the Big Four auditing firm took a long hard look at how we do things and what IT infrastructure we do those things on. This gave them all the data they needed to confirm that we at Surfshark VPN carry out the promises laid in our no-logs policy down to a T.

The nerdier among you will probably want a more detailed breakdown, so here are the bits of Surfshark that the professionals from Deloitte poked and prodded:

• Server configuration;
• Deployment process;
• VPN server configuration, 
• API (VPN infrastructure-related servers for our Infra microservice); 
• SDN (Software Defined Network);
• Employees (via interviews, not actual prodding). 

Deloitte also checked whether Surfshark’s personnel capacity and actual work matched the necessities of the no-logs VPN policy. 

We at Surfshark are super stoked by this evaluation, and nobody is more excited about it than our VPN Product Owner: 

“Working in an industry that highly relies on trust and transparency, we understand that it takes more than just words to validate our efforts. The positive result from Deloitte’s no-logs assurance report provides factual evidence to our users and future customers that Surfshark operates on the highest privacy and quality standards. We will continue to perform various audits and tests to get independent verification of our security and privacy measures,” says Justas Pukys, VPN Product Owner at Surfshark.

Read a summary of the Deloitte report here.

Surfshark has previously passed different audits by Cure53, but the Deloitte no-logs one is the biggest one yet.