Audiense is now SOC 2 compliant!
We are delighted to share that we have achieved SOC 2 Type II compliance, in accordance with American Institute of Certified Public Accountants (AICPA) standards for SOC for Service (SSAE 18).
We are committed to providing excellent service for all our customers, and this involves handling and storing your data in a compliant and secure manner. Read on to find out why we pursued SOC 2 compliance and what it actually means.
Why SOC 2?
SOC 2 defines criteria for managing customer data based on five “trust service principles”—security, availability, processing integrity, confidentiality and privacy.
Successfully achieving SOC 2 compliance demonstrates our commitment to handling and managing your data – and your audience data – in a secure manner. And because transparency is important to us, we wanted to make sure we were doing this to the highest possible level.
Our SOC 2 attestation represents a valuable addition to our suite of enterprise-grade features that support customers in highly regulated industries such as finance, telecommunications, and education. We believe that SOC 2 compliance is a critical security requirement for any leading audience intelligence software.
A Type II attestation means that not only have we implemented the proper security controls, but the effectiveness of these processes has been verified by expert third-party auditors, and we were determined to be compliant over a period of time, demonstrating proof of our continued commitment to data management and protection.
What did the SOC 2 process involve?
SOC 2 Type II attestation is earned as the result of a successful 6-month audit by an independent firm. We were audited by Prescient Assurance, a leader in security and compliance attestation for B2B, SAAS companies worldwide. To prepare for this diligent examination of our internal security policies and controls, we partnered with Vanta to help us automate the collection of our audit evidence.
The report demonstrates the Audiense’s commitment to properly manage information security risk and continuously improve the product and service to meet industry requirements. Our fully remote team underwent an extensive company-wide auditing process that was prefaced by an internal and external gap assessment, numerous cross-functional initiatives and concluded with the mandatory audit.
COO Juan Sebastian Angel Mesa said: “We are delighted to have achieved the SOC 2 as a result of our hard work and collaborative approach to data security, as a fully remote team. Getting the SOC 2 attestation was an important milestone for the company as it validates our security policies and reinforces the trust of our users.”
Why does SOC 2 matter for SaaS businesses like ours?
Security is a company value here at Audiense. We pride ourselves on our security & compliance principles that guide how we deliver our products and services, enabling people to simply and securely access the digital world. From secure personnel and testing to cloud security and compliance we are committed to doing it right.
Achieving this standard serves as third-party industry validation that we provide enterprise-level security for all customer data secured in our system which remains compliant as well. Here’s how:
- Audiense takes the security of its data and that of its clients and customers seriously and ensures that only vetted personnel are given access to their resources.
- Audiense deploys third party penetration testing and vulnerability scanning of all production and Internet facing systems on a regular basis.
- Audiense provides maximum security with complete customer isolation in a modern, multi-tenant cloud architecture.
- Audiense is committed to providing secure products and services to safely and easily manage billions of digital identities across the globe. Our external certifications provide independent assurance of Audiense’s dedication to protecting our customers by regularly assessing and validating the protections and effective security practices Audiense has in place.