As an early-stage startup, AptEdge believes strongly in ensuring the security of our customers’ data. This focus on security led us to successfully complete our initial SOC 2 Type 1 audit last year. While that was an important first step, we had no intention of stopping our security compliance at the design level. This year we are proud to announce that we have enhanced the scope of our certification with the help of Vanta, by not only auditing the design of security processes at a single point in time but also the maturity level of our security and data privacy-related controls over time.
SOC 2 stands for “Systems and Organizations Control 2” and is a US-based Information Security framework for technology and cloud computing companies. SOC 2 is comparable to the European ISO 27001 standard and follows a top-down approach that requires companies to develop and maintain a set of written policies as well as technical controls. The ultimate goal of SOC 2 is to ensure the appropriateness of the design of controls relating to availability processing integrity and confidentiality of the service provided. SOC 2 Type 1 audits are shorter and focused on the design of controls only. A SOC 2 Type 2 audit is longer and focuses on the design & implementation during a specific time frame.
With this certification, AptEdge’s customers will have peace of mind. They can rest assured knowing that the design of controls regarding availability, processing integrity, and confidentiality of service has been independently and fully reviewed and verified. Additionally, our customers have the assurance that security is being taken very seriously and that controls are being implemented and lived throughout the company.
This is an assurance for your security and compliance teams that an independent third party has reviewed and verified that AptEdge’s product and corporate-related security controls are suitable and appropriate. Your security team can utilize AptEdge’s SOC 2 compliance for your own certification programs and third-party assessments as many companies have SOC 2 as a requirement before choosing to deploy a SaaS solution.
Completion of our first SOC 2 Type 2 audit is part of our ongoing effort to build an effective and appropriate control set to protect the data of all of our users. It is vitally important to develop a set of security and data privacy controls integrated into the culture of the company.