Announcing Aidentified’s SOC 2 Type II Attestation

Posted: October 5th, 2022

At Aidentified, we are deeply committed to keeping our platform secure and ensuring that our customer data remains safe. As a SaaS and data services company, we strive not only to meet, but exceed data security industry standards. In 2021, Aidentified dedicated its efforts towards obtaining a SOC 2 Type I Attestation – a gold standard for data security controls and processes. Today, we are excited to announce that our small but mighty company has achieved the SOC 2 Type II standard, a significant milestone, reaffirming our commitment to building a safe and strong platform. Reaching this milestone would not have been possible without the help of our service providers. Aidentitifed would like to extend a big thanks to Vanta, our SOC2 readiness and compliance platform provider and GeelsNorton, our independent auditor, for their continuous support and unrivaled partnership throughout this entire process.

What is SOC 2 Type II (and why is it different than SOC 2 Type I)?

As you may recall from our blog last year, SOC 2 (“Service Organization Controls 2”) is an auditing measure that was developed by the American Institute of CPAs (“AICPA”) which evaluates a company’s ability to securely manage and protect the data it collects from customers and third parties. While SOC 2 Type I assesses whether a company has designed and implemented suitable security controls, SOC 2 Type II tests the effectiveness of those controls spanning the year-long audit period. In other words, a Type I audit ensures that a company has in place specific data security safeguards, but the Type II audit tests whether the company actually follows those controls and that the controls work properly.

Our SOC 2 audit experience 

After receiving the SOC 2 Type 1 Report in 2021, Aidentified continued its partnership with GeelsNorton, a qualified auditor specializing in SOC 2 for emerging and high-growth cloud technology companies (and a preferred assessor for Microsoft), to assist with our SOC 2 Type II journey. We are happy to report that GeelsNorton has concluded that our company’s current security framework meets all the controls and requirements for Type II compliance. Our audit experience with GeelsNorton has been remarkable. Throughout our entire SOC 2 journey, GeelsNorton was by our side, navigating us through each step and providing us with insight along the way.

Why receiving a SOC 2 Type II Report was important to Aidentified

In today’s tech world, it is often difficult to determine which businesses you can rely on to keep your data secure. According to a recently published Forbes  article, 80% of companies have experienced a cloud-related security incident in the past 12-months. With growing security concerns, a SOC 2 report can help instill trust and attract customers by proving that a company’s security framework is reliable. By having a SOC 2 Type II attestation, we hope to alleviate some of the concerns our current and potential customers and partners may have around third-party risk. We want our customers and partners to rest assured knowing that Aidentified’s security controls have been independently evaluated and rigorously tested in the following areas:

• Company policies and procedures
• Incident response
• Disaster recovery
• Access controls
• Vulnerability scanning and monitoring

At Aidentified, we will continue adhering to this high standard as we grow and evolve and having these fundamental security building blocks in place will be key to this growth and ultimately, our success.