SecurityGate.io is proud to announce that it has received its first SOC 2 Type 2 report on the organization’s controls relevant to security, confidentiality, and availability. This attestation report is a significant milestone in demonstrating our commitment to protecting customer and company data.
SOC 2, developed by the American Institute of CPAs (AICPA), specifies criteria for managing customer data based on five “trust service principles” which are security, availability, integrity, confidentiality, and privacy. It requires an extensive auditing process, and it is designed specifically for service providers that store customer or company data in the cloud. SOC 2 Type 2 ensures the highest customer data and security standards.
“One of the initiatives we started when I onboarded SecurityGate as CISO a year ago was to raise the bar for security across the company to protect “crown jewel” data from our major global critical infrastructure companies. With that goal in the crosshairs, the team went after the entire infrastructure with fresh eyes, and not only aimed for the security trust services criteria, but also availability and confidentiality. It is a testament to the strong security culture in this company that we are able to announce the successful completion of our SOC 2 Type 2 examination on November 8, 2022.” Bill Lawrence, Chief Information Security Officer at SecurityGate.io, said.
SecurityGate.io partnered with Laika and their auditing team to complete the SOC 2 journey. With Laika, our Security Operations team was able to successfully complete the audit and ensure our security programs, policies, and practices met the SOC 2 requirements.
To access our public report of internal controls over security, availability, and confidentiality, please see this link to our SOC 3 report: SecurityGate.io SOC 3 2022 (2)
SecurityGate.io is a (SaaS) platform that helps organizations prioritize resources and improve cybersecurity by enabling teams to quickly compare insights of their security controls. With SecurityGate.io’s critical infrastructure expertise, simplified dashboard, and actionable data workflows, asset owners and consultant partners are empowered to collaborate and mature cyber-programs faster and easier than traditional manual methods.