Kentico Kontent Achieves SOC 2 Type 1 Compliance
We believe there’s no such thing as being too secure. Not only do we have three ISO certifications that apply to Kentico Kontent, but, as of today, we’re proud to announce that Kontent is also SOC 2 Type 1 compliant.
What Is SOC 2?
Developed by the American Institute of Certified Public Accountants (AICPA), this auditing procedure, formally known as Service Organization Control 2, is designed for service providers that store customer data in the cloud. It ensures that those service providers can securely manage data and protect the privacy and interests of their clients.
Because SOC 2 relates to companies that store their clients’ information on cloud-based servers, it was important for us that Kontent, our Content-as-a-Service solution, completed this examination.
There are two types of SOC 2:
- The SOC 2 Type 1 is a report evaluating the procedures and controls relating to one or all of the so-called Trust Services Criteria (TSC) that a company has put in place as of the time of evaluation.
- The SOC 2 Type 2 is, on the other hand, a report assessing how effective the controls in place are over a period of six months.
What Does SOC 2 Require?
A company that wants to pass the audit needs to establish and then follow strict information security policies that serve as guides for the auditors. The SOC 2 audits are performed by licensed CPA firms specializing in information security.
Is Kentico Kontent SOC 2 Compliant?
We are proud to announce that we have successfully completed the SOC 2 Type 1 examination, showing our commitment to information security and protecting our customers’ sensitive data against breaches.
Our report covers the following Trust Services Criteria that are relevant to the services we provide:
- Availability – information and systems are available for operation and use as committed or agreed
- Security – information designated as confidential is protected against unauthorized access, both physical and logical
- Confidentiality – information designated as confidential is protected as committed or agreed
Completing the SOC 2 Type 2 examination, which requires assessment over a longer period of time (usually half a year), is our next goal—we always strive to develop the best product for our customers.
As data security has never been more important than now in “the age of cloud”, you need a solution that is reliable and secure. In case you haven’t explored Kontent, you can sign up for our free 30-day trial.