- Cloud communication platform provider delivers clean SOC 2 report, validating security-first customer commitment
- EMnify’s newly completed SOC 2 Type II report follows SOC 2 Type I completion in November
BERLIN, February, 10, 2021 – EMnify, the leading cloud communication platform provider for IoT, today shares its completed clean Service Organization Control (SOC) 2 Type II examination with customers. Conducted by KirkpatrickPrice, the audit affirms information security practices, policies, procedures, and operations meet the rigorous SOC 2 standards for security and availability.
Defined by the American Institute of CPAs (AICPA), SOC 2 ® defines trust criteria for, in EMnify’s case, security, and availability of its services. For each criteria a company must have one or more controls in place to ensure that the criteria can be met.
SOC 2 Compliance and Processing Customer Data
The importance of meeting the SOC 2 requirements when processing customer data cannot be overstated. SOC 2 reports – unique to each organization – provide a company’s external stakeholder groups with important information about how that company manages its services and customer data. There are two types of SOC reports:
- Type I, which EMnify completed in November, describes a company’s systems and whether their design is suitable to meet relevant trust principles.
- Type II, which EMnify completed in January, details the operational effectiveness of those systems over the audit period.
Martin Giess, EMnify CTO and Co-Founder, comments: “Achieving SOC 2 certification is a significant milestone in EMnify’s company history, and a valuable independent assessment of our information security practices. We are happy to assure our customers and all our stakeholders that working with EMnify means working with a security-first provider.”
What Does Compliance Mean?
By achieving SOC 2 Type II compliance, EMnify has demonstrated its organization, systems and processes are designed to keep customers’ sensitive data secure and to successfully deliver its service to customers. Prospective customers seeking a provider like EMnify, will find that SOC 2 Type II is the most useful certification when considering a possible service provider’s security credentials.
EMnify will remain a security-first communication platform provider for IoT and will continue to take this certification very seriously.
SOC 2 general information
A clean SOC 2 report is provided by external auditors after a formal SOC 2 examination process. Based on the systems and processes which a company has in place, the auditors analyze and assess to what extent a company complies with the below five “trust principles.” Which of the principles are included in the scope of the examination depends on each organization and its services.
Five Trust Principles:
- Security: Protection of system resources against unauthorized access.
- Availability: Accessibility of the system, products or services as stipulated by a contract or SLA. Monitoring network performance and availability, and security incident handling are critical.
- Processing integrity: Does a system achieve its purpose? I.e. deliver the right data at the right price at the right time.
- Confidentiality: Data is considered confidential if its access and disclosure is restricted to a specified set of persons or organizations.
- Privacy: Collecting, using, disclosing and disposing of personal information in accordance with company privacy notice.
For more information on what the SOC 2 examination entails and what purpose it serves, please visit the AICPA website.
EMnify customers that would like to receive more detailed information can reach out to their customer success representatives.
More Articles
