A Milestone in Data Security

SOC 2 Type II Compliance

At Flexagon, we are deeply committed to safeguarding the privacy, confidentiality, and availability of the data entrusted to us by our customers. As part of this commitment, we continuously strive to meet and exceed the highest standards of data security by adopting advanced systems, technologies, and practices. Today, we are proud to announce that Flexagon has achieved SOC 2 Type II compliance, a significant milestone in our journey to ensure robust data protection.

What is SOC 2 Compliance?

SOC, or System and Organizational Controls, is a framework developed by the American Institute of Certified Public Accountants (AICPA). It provides independent attestation and verification of the controls a company has implemented to mitigate risks related to information and data security.

SOC 2 reports come in two types:

Type I: Evaluates the design and implementation of a company’s controls at a specific point in time, verifying that policies and systems are in place.
Type II: Monitors and evaluates the effectiveness of these controls over an extended period, ensuring that they are consistently followed in day-to-day operations.

What Does SOC 2 Type II Compliance Mean for Our Customers?

Achieving SOC 2 Type II compliance demonstrates our unwavering dedication to protecting both our customers’ data and our own. This certification is widely regarded as the gold standard for cybersecurity attestation.

To earn this distinction, a third-party auditor rigorously evaluates whether a company has implemented appropriate physical, technical, and administrative safeguards to secure its infrastructure and information. Upon successful completion, businesses are awarded the AICPA SOC badge, a symbol of trust and reliability.

At Flexagon, we proudly display this badge on our website as a testament to our commitment to data security and our customers. It reflects our understanding of the critical importance of safeguarding data in today’s digital landscape.

What is Involved in a SOC 2 Type II Audit?

A SOC 2 Type II audit is an in-depth examination of a company’s policies, procedures, and systems to ensure they meet the Trust Services Criteria across five key categories:

1. Availability

Ensures that systems operate reliably and are available to meet business objectives. Examples include performance monitoring and disaster recovery solutions.

2. Processing Integrity

Verifies that systems function predictably, efficiently, and without errors. Examples include software development lifecycle management and quality assurance processes.

3. Confidentiality

Protects sensitive information throughout its lifecycle, from ingestion to processing and disposal. Examples include encryption policies and identity and access management solutions.

4. Privacy

Focuses on safeguarding personal information, particularly data collected from customers or clients. Examples include privacy policies and consent management practices.

5. Security

Ensures that systems are protected against unauthorized access and breaches. Examples include firewalls, intrusion detection systems, and multi-factor authentication.

During the audit, the auditor requests evidence from specific dates and times over a minimum three-month period. This evidence is then reviewed to confirm that the company consistently meets the criteria.

Why SOC 2 Type II Compliance Matters

By achieving SOC 2 Type II compliance, Flexagon reinforces its position as a trusted partner in data security. This certification assures our customers that we are not only implementing best-in-class security measures but also adhering to them consistently in our daily operations.

We remain committed to maintaining the highest standards of data protection and will continue to invest in practices that ensure the safety, security, and integrity of the information entrusted to us.

Looking for FlexDeploy Documentation?

Documentation

Are You a Customer that Needs Support?

Customer Support