In this article, we'll explain how Streamworks' SOC 2 Type 2 compliance can benefit your business. Here's a quick recap of what SOC 2 compliance is all about.
The AICPA (American Institute of Certified Public Accountants) designed and introduced the SOC series of audits and reports. SOC stands for "System and Organization Controls." It reports on the controls service organizations use to protect, process, and store client data.
There are three SOC reports, but the SOC 2 report focuses on the security design and operating effectiveness of a service organization's policies, procedures, and controls.
SOC 2's Five Trust Services Criteria guide how service organizations should handle sensitive client data.
The Five Trust Services Criteria are:
Besides the Five Trust Services Criteria, SOC 2 has both a Type 1 and Type 2 report.
What's the difference?
In simple terms, the Type 1 report examines if systems are suitably designed at a specific single moment in time.
Contrast that to the Type 2 report which examines if systems are operating as designed over some time, typically six months or more.
Type 2 is a more rigorous audit as it measures operating effectiveness, or how well the systems work in real-world, real-time practice.
Streamworks has chosen the more comprehensive and demanding Type 2 compliance report, so our clients see our systems operate effectively and securely over the long term.
It's all well and good that we've invested in our security operations, methods, and framework. The real question is, what are the benefits to your company?
Here are three:
Most companies don't have the time, money, or full security team to audit a critical vendor. Work must move forward, and to get the job done, you sometimes have to share sensitive data.
How do you know your service providers are doing all they can to protect that data?
That's where the SOC 2 Type 2 report comes in.
Streamworks has invested heavily in our security program. How? Audited against stringent security standards, we provide security awareness training for all employees. Also, we develop and maintain administrative, technical, and physical security controls to protect your data.
Through our annual SOC 2 Type 2 audit (which is always performed by independent, unbiased, third-party auditors), we show our commitment to security and the protection of your data.
We had two things in mind when we designed our secure systems: to protect your data and to keep your business moving forward.
With our SOC2 Type 2 report, we've proven our systems are built to exceed both of those goals and more. From our Business Continuity Planning to our off-site backups, to our intelligent inserting, and everything in-between, we designed our systems to protect, store, and process your data securely.
Finally, it's one thing to design a system that securely handles your data: it's another to prove the system performs over the long term.
In SOC 2 terminology, this is "operating effectiveness." It means you can have peace of mind knowing our controls are in place to work every time, all the time.
Our production and security protocols ensure the confidentiality and integrity of your data are always maintained.
Our SOC 2 Type 2 compliance report proves it.
Let it give you the confidence it gives us, namely that your data is in good hands with Streamworks, your SOC 2 compliant partner.
Streamworks provides secure marketing services to help move your business towards success. We show this by earning our SOC 2 Type 2 compliance every year, with our continuous security awareness training, process testing, and ongoing strengthening of our security measures.
We're proud to be SOC 2 Type 2 compliant, and we're pleased to bring these benefits to your company.
Wondering how to evaluate secure marketing partners? Download our Secure Marketing Communications Checklist to screen vendors so you can find a trusted marketing partner for your sensitive data.