Synadia has always been dedicated to security. As true as that might be, it’s one thing for us to implement security policies and business processes internally, and it’s another thing entirely for us to be able to demonstrate it in a way that satisfies auditors and our customers alike.
That’s where SOC 2 compliance comes into play: it serves as a demonstrable first step in proving our devotion to safeguarding customer data and to the reliability of our services in a way that has been validated by an independent auditor.
What is this SOC 2 compliance thing anyway?
SOC 2 stands for Service Organization Control 2 , and it is a compliance standard developed by the American Institute of Certified Public Accountants or AICPA. SOC 2 specifies how organizations should manage customer data. It’s a framework based on the following Trust Services Criteria (TSCs):
Security
Availability
Processing integrity
Confidentiality
Privacy
Achieving SOC 2 Type 1 compliance means that Synadia has established a set of controls, policies and processes that meet those TSCs. It helps to provide an assurance that we’ve taken the necessary steps to safeguard sensitive information from unauthorized access or disclosure.
There are two types of SOC 2 compliance:
SOC 2 Type 1: Validates that an organization has established appropriate controls at a specific point in time. That’s where we are now.
SOC 2 Type 2: Confirms that an organization has maintained and operated those controls over a period of time, typically 6 to 12 months.
How does this impact Synadia’s customers?
In short, it offers additional peace of mind. That’s true for all customers but is especially so for customers in industries which make frequent use of sensitive information and need to ensure that data is protected.
That being said, nothing is changing directly with the services and products that we provide, and SOC 2 compliance is mostly a behind-the-scenes effort. Our services will be available in the same ways they always have been.
Where do we go from here?
Rest assured, we have no plans to rest on our metaphorical laurels! We remain committed to not just retaining our current standards and achieving SOC 2 Type 2 compliance in the near future, but we will work to continuously improve our policies and processes so that our customers can be confident in our dedication to them and the security of their data.
Keep your eyes on this blog for future updates!
Synadia achieved compliance through Vanta, with auditing done by Johanson Group, LLC. If you would like to request a copy of our SOC 2 Type 1 report, please contact info@synadia.com.
About the author
Evelyn Scidmore serves as Security Operations Engineer at Synadia. Evelyn is a security and systems engineering veteran with over 20 years of experience, doing a range of things from reverse engineering malware and hunting for zero-day vulnerabilities to designing and building secure infrastructure for cryptocurrency banking.