Protecting enterprise data is a top priority for everyone at AlertEnterprise. We’re constantly updating our processes, tools and practices to make sure our solutions effectively mitigate risk and maintain confidentiality while enhancing productivity . As part of that effort, we’re happy to announce that we have successfully completed Service Organization Control (SOC 2) Type 1 Audit certification.
Let’s explore what this certification means, how we earned it – and what steps we’ll be taking to expand the audit moving forward.
What is SOC 2 Type 1 – and what does it mean?
SOC 2 reports demonstrate a company’s ability to not only implement critical security policies but to prove compliance over an extended period. There are two types of SOC 2. The first type looks at the design of security processes at a specific point in time, while the second type extends that assessment over the course of six months.
SOC 2 Type 1 certification ensures compliance with the leading industry standards for managing enterprise data. By focusing on the security, availability, processing integrity, confidentiality and privacy of customer data across solutions, the certification confirms that we have effective safeguards and controls in place for our customers.
Doesn’t everyone have to comply with SOC 2?
In contrast to regulations and compliance standards like HIPAA or PCI-DSS, SOC 2 is a voluntary audit that SaaS companies and other service providers can choose to complete to evaluate their security processes. In doing so, they demonstrate to customers that their data and corresponding systems are in good hands. Customers can also request this audit when choosing a cloud, IT or SaaS partner.
How do we comply with SOC 2 Type 1?
To comply with SOC 2 Type 1, we have established policies and procedures in accordance with AICPA standards. The audits we’ve completed successfully included measurements of availability, security and integrity of data processing systems.
Explore the audit
Teams | Functions Audited – Engineering | DevOps, IT, HR, Customer Support Service & Admin.
Environment & Facilities – On-Prem & Cloud at both of our office locations (US | India)
Result – The certification audit report verified that AlertEnterprise meets the SOC2 standards for Security and Availability Trust Services Principles with no exceptions.
Our next goal is to soon complete SOC 2 Type 2 certification – a vital industry standard. And we plan to get there by maintaining our commitment to the continuous improvement, monitoring and measuring of our security controls.