UserIQ Improves Data Protection with SOC2 Compliance

By October 30, 2018Blog, Product Updates

UserIQ’s Commitment to Trust

Trust is a core principle of UserIQ. Our commitment to customer privacy and security directs the decisions we make on a daily basis. Earning the trust of customers is the responsibility of each and every employee at UserIQ and one we take seriously.

That is why we are very excited to announce that UserIQ has successfully completed the Service Organization Controls (SOC) Type 2 examination of the Trust Service Principles; Security, Availability and Confidentiality.

UserIQ-SOC2 compliance-Aaron Aycock

What is SOC2 Type 2?

The main purpose of the SOC 2 Type 2 report is to evaluate adherence to the Trust Service Principles and Criteria set forth by the American Institute of Certified Public Accountants (AICPA). The AICPA created the SOC guidelines to provide an authoritative and independent benchmark for service organizations to demonstrate the implementation of proper control procedures and practices.

To complete a SOC2 Type 2 examination, an independent auditor must evaluate and provide a favorable opinion on the effectiveness of an organization’s trust principle controls. The controls are thorough and comprehensive—we had more than 250 controls evaluated. Further, the evaluation doesn’t just cover a single point in time. To successfully complete the process, an organization must demonstrate adherence to these controls over a period of 6 months.

In other words, completing a SOC2 Type 2 examination is not an easy task. However, we have always been committed to keeping our customer’s data safe and secure and, as a result, we have always adhered to strict security policies. Successfully completing an examination by an independent, third-party auditor was an important milestone to show our customers that we work hard each day to earn their trust.

What’s next?

Completing SOC2 Type 2 is not a one-time event, it is an ongoing process. In addition to our work to maintain GDPR and Privacy Shield compliance (which we announced earlier this year), our work to successfully complete SOC2 next year is already underway. We do not do this work to pass certifications. We do this work because we have always been committed to keeping our customer’s data safe and secure and we always will.

If you are an existing customer or you are considering becoming a customer of UserIQ and would like a copy of the report, we’d be glad to share it with you. Simply send a request to [email protected].

Leave a Reply