SOC 2 Compliant Certified
eventPower is SOC 2 Compliant!
Nothing is more important to us than keeping our clients' data safe. That is why we made it a priority to become certified as SOC 2 Compliant to give our clients peace of mind that their data is safe and secure within the eventPower system.
This article will explain what the SOC 2 Compliance is, what it means for our clients and why it is important.
What does it mean to be SOC 2 Compliant, and why is it important?SOC 2 stands for System and Organization Controls and is considered the gold standard for data security. This certification was created by the American Institute of Certified Public Accountants (AICPA) and specifies how organizations should manage customers' data.
The certification is based on five Trust Services Criteria: security, availability, processing integrity, confidentiality and privacy. Each Trust Service Criteria is broken down into Principles and specify controls that are required to evaluate the security posture of a company.
To obtain SOC 2 compliance, a third-party auditor is required to review the controls, policies, and documentation showing that all the SOC 2 defined principles are addressed. Subsequently, a monitoring period is utilized where the company must provide evidence of following the policies and meeting the requirements set forth. The final audit report provides assurance to customers, partners and prospects that organizations are managing their data securely, meeting or exceeding industry standard security practices. This could include performing background checks on all employees, multi-factor authentication logins and monitoring all processes.
This certification means eventPower has been independently reviewed to provide enterprise-level security for our clients’ data within the eventPower system.
Next StepsMaking sure we are up to date with the latest security practices is extremely important to eventPower. We want to assure all our clients that we will always do everything to keep their data as secure as possible.
There are two types of SOC 2 certifications, and our next step will be to obtain SOC 2 Type 2 Certification.
- Type I describes the organization’s current systems and whether the system design complies with the relevant trust principles.
- Type 2 details the operational efficiency of these systems. Meaning, it will be evaluated over the next 6 months to see if the controls put in place are functioning at all times.
If you have any questions regarding our SOC 2 Compliance, don't hesitate to reach out to [email protected]