We are excited to announce that Catchpoint has successfully completed the Service Organization Control (SOC) 2 Type II certification. This certification provides our customers and partners an ongoing commitment to transparency and understanding of how we are able to ensure that data is protected through a solid set of internal controls.
Cloud-based services pose opportunities—and challenges
In today’s digital world, almost every company relies on cloud-based services that are built and managed by outside vendors to host data. The benefits of buying solutions from service providers include lower costs, best-of-breed solutions, ongoing enhancements and features, scalability out of the box, and, most importantly, the ability to focus IT resources on developing core business aspects. Accompanied by such benefits, however, is a lot of risk regarding security and privacy, as the data is then out of the control of your IT resources and in the hands of others.
As the CIO of Catchpoint, my team and I face this same conundrum when buying a new service. For those of us who buy technology, managing the vendor risk can be daunting given the complexity of a cloud-based service, the inability to access the system(s) behind the service, the code, processes and procedures, and the lack of contextual information for a security analyst to determine vendor-specific precautions.
The answer: SOC 2 Type II
This is where the SOC 2 Type II audit comes to the rescue for technology buyers. The audit is performed by a certified third-party who reports on the processes and procedures a company has in place regarding five key criteria: security, availability, processing integrity, confidentiality, and privacy.
For our SOC 2 certification, we partnered with Trustnet, a well-respected company with extensive expertise in security management and compliance, who ensures that our controls and safeguards are in place and working properly to provide the level of security our customers deserve.
Catchpoint remains committed to delivering the best monitoring solutions to our customers, IT operations, and SRE Teams. That means providing more than just great features, visualizations, and algorithms to reduce mean time to repair—it means also ensuring that we design, develop, and manage services that are secure and safe by relying on best practices and controls.