What is SOC 2 compliance?
In short, SOC 2 is a voluntary compliance standard for technology companies with cloud-based products and specifies how an organization should manage customer data. The compliance guidelines set by the AICPA (American Institute of Certified Public Accountants) ensure services are secure, available, and confidential and that information security best practices are in place.
What does SOC 2 compliance mean for DataGroomr?
As a data integrity solution provider, DataGroomr understands the paramount importance of data security and privacy. Our unwavering commitment to safeguarding our customers’ sensitive information is at the core of our operations.
With the achievement of SOC 2 compliance, we have solidified our dedication to implementing industry-leading security practices, ensuring that your data remains protected throughout its lifecycle within our platform.
Our SOC 2 report isn’t about just checking another box. We have taken information security and compliance very seriously from day one, and our report is the official proof that we comply with the globally recognized information security standard.
What exactly gets evaluated?
You may be wondering, what exactly is covered by the auditor in a SOC 2 audit? Our audit covered four key Trust Service Principles: Security, Availability, Confidentiality, and Privacy relevant to DataGroomr’s specific business operations. Multiple tests were performed to ensure that our internal controls are implemented and operating effectively.
Scytale helped tailor the relevant controls to our infrastructure, software, processes, people, and data, relating to:
- Remote onboarding of employees
- Cloud infrastructure security
- Risk management
- Multi-factor authentication
- User access review
- Threat detection
- Change management procedures
- Asset management
- Data encryption
- Secure development and more
As mentioned, we’ve built our solution around being SOC 2 compliant, but now we’re proud to have the “official” stamp that recognizes our concrete data protection practices.
We achieved SOC 2 compliance and received our report in record-breaking time and with flying colors, because we had no prior security issues and only very minor remediations were needed. We are very proud of this result, as it is a testament to our high standards for controls and security.
Our trusted compliance partner
Scytale’s expertise and technology helped take our compliance to the next level by automating the lengthy processes involved with SOC 2 compliance and giving us a single source of truth to track and monitor all our audit requirements.
Your data is secure with us
We’ve earned our customers’ trust by handling their sensitive data responsibly. Our SOC 2 report serves as solid assurance that their data is secure with us.
Our SOC 2 compliance is a testament to our commitment to data security, and we proudly show customers and prospects that they’re partnering with a company that cares about their data.
Our continued commitment to compliance
At DataGroomr, we understand that SOC 2 compliance is an ongoing project, not a one-time milestone. Maintaining our commitment to security and compliance is paramount, which is why we have pledged to renew our SOC 2 report on an annual basis. However, our efforts don’t stop there. We are constantly evaluating our compliance posture, refining our policies and procedures as needed to ensure effectiveness.