Whether you’re shopping on your favorite site, completing an e-transfer, or downloading an app, it’s become standard practice to enter some form of personal data online. And with the amount of information that’s being collected every day, it’s just as common to hear about large-scale hacks, leaks, and other data breaches.
Because of these risks, SingleKey takes your data protection and security seriously. That’s why we’ve taken the extra step to become SOC 2 Type 2 compliant, one of the highest acknowledgements of data security compliance in the world. With the help of our partners at Johanson Group, here’s how we earned our SOC 2 certification and how we’re keeping your data safe.
What is SOC 2?
Developed by the American Institute of Certified Public Accountants (AICPA), the System and Organization Controls (SOC) is a security framework that ensures organizations are managing and protecting their users’ data responsibly. Among the types of SOC reports that are used to measure how well each organization meets the AICPA’s security standards is the SOC 2.
There are two types of SOC 2 reports: SOC 2 Type 1 and SOC 2 Type 2. While Type 1 assesses security systems and controls at one point in time, Type 2 evaluates how effective a data security infrastructure is over several months. Gaining SOC 2 Type 2 certification is therefore a more intensive process and is regarded as one of the most rigorous data security compliance standards.
Becoming SOC 2 compliant
To be recognized as a SOC 2 compliant company, we went through an extensive, third-party audit to make sure we met all the SOC 2 requirements. These requirements are defined as the Trust Services Criteria (TSC) and they cover five key areas:
- Security
- Availability
- Processing
- Integrity
- Confidentiality
Ensuring we exceeded these criteria meant updating security policies, procedures, and infrastructure across the entire company and continuously monitoring compliance according to the SOC 2 standards.
How we’re protecting your data
Achieving SOC 2 compliance demonstrates our commitment to our users’ data security. This means SingleKey has:
- the ability to identify security incidents across our organization,
- validated data security controls to protect your information from unauthorized access, and
- comprehensive procedures to address any security issues quickly and effectively with little impact to our users.
This also means that any data integrations through partner API plugins for features like automated tenant screening are protected. Our SOC 2 Type 2 compliance ensures that we have the controls in place to manage and safeguard data against any potential security threats.
Because SOC 2 is one of the highest industry standards when it comes to data protection, you can feel confident knowing our platform is secure.
Our final thoughts
SingleKey’s relationship with our customers is built on trust, and becoming SOC 2 compliant is just one way we’re safeguarding that trust. To learn more about data security and the SOC 2 standards, visit the AICPA site.
