Levitate, the leading happiness platform for relationship-based businesses, announces a new chapter in its security: achieving SOC 2 Type I & II compliance certification after an expertly-conducted audit by Prescient Assurance. This significant milestone isn’t just about meeting standards; it’s a testament to Levitate’s continuous pursuit of iron-clad security for its clients and platform.
CIO INFLUENCE :Â CIO Influence Interview with Herb Kelsey, Federal CTO at Dell Technologies
Understanding the difference between SOC 2 Type I and Type II reports is crucial in appreciating the comprehensive nature of Levitate’s dedication to data security.
SOC 2 Type I: A Snapshot of Cybersecurity Controls
SOC 2 Type I compliance assessed Levitate’s cybersecurity controls at a specific point in time, providing a snapshot of the organization’s security posture. The primary objective was to evaluate whether the internal controls in place meet the required Trust Services Criteria for safeguarding customer data. This report also serves as an important benchmark for organizations working towards the more comprehensive SOC 2 Type II certification, explained below.
SOC 2 Type II: Ensuring Long-Term Effectiveness
On the heels of achieving SOC 2 Type I, Levitate has also achieved SOC 2 Type II compliance, reflecting the effectiveness of the happiness platform’s systems and controls by way of an observation period of several months. This meticulous examination assesses the effectiveness of an organization’s information security controls and evaluates how well these controls operate in real-world scenarios, including ensuring system availability, maintaining processing integrity, safeguarding confidentiality, and upholding privacy commitments.
CIO INFLUENCE ARTICLE :Â Unlocking the Code: Key Differences Between Networking and Cloud Computing
Levitate’s Focus on Safeguards
The SOC 2 certification attests to Levitate’s adherence to the rigorous security and privacy standards set forth by the American Institute of Certified Public Accountants (AICPA). The audit affirms Levitate’s:
- Protection Against Unauthorized Access. This aspect focuses on the measures in place to secure Levitate’s platform from unauthorized entry. It includes robust access controls, multi-factor authentication, and identity management systems to guarantee that only authorized individuals can access sensitive information.
- System Availability. Levitate’s commitment to system availability involves implementing strategies to minimize downtime and ensure that its platform is consistently accessible. This includes redundancy measures, failover mechanisms, and a comprehensive disaster recovery plan to maintain a seamless user experience.
- Processing Integrity. Processing integrity refers to the accuracy and completeness of data processing within Levitate’s systems. This includes evaluating the organization’s ability to process data correctly, ensuring that transactions are valid, and verifying that data aligns with predefined criteria, all contributing to the reliability of information processing.
- Safeguards for Confidentiality. Levitate prioritizes the confidentiality of user data by implementing robust data classification and handling practices. This involves encryption methods, secure data storage, and strict access controls to prevent unauthorized disclosure of sensitive information.
- Privacy Commitment. Levitate’s commitment to privacy involves adhering to stringent privacy policies and practices. This includes transparent data collection, use, retention, and disclosure practices aligned with user consent.
“Since Levitate’s inception, data security has been non-negotiable. Achieving SOC 2 certification underscores this dedication to providing a safe and secure platform for all our customers and also aligns us with AICPA & CIMA’s strict standards for our financial customers,” said Robert Mills, Vice President of Engineering at Levitate.
As Levitate continues to grow, advancing user-friendly technologies and elevating data security standards will remain at the forefront, reinforcing its position as a trusted partner for relationship-based businesses in the digital landscape.
CIO INFLUENCE ARTICLE :Â Top 10 Tech Events CIOs Must-attend in 2024
[To share your insights with us as part of editorial or sponsored content, please write to sghosh@martechseries.com]