At Gatekeeper, we continually invest in security best practices to ensure that our client’s data stays safe and secure. As a part of an ongoing effort, we are excited to announce that we’ve successfully passed our SOC 2 assessment.
The examination was conducted by A-LIGN, a technology-enabled security and compliance firm trusted by more than 2,500 global organisations to help mitigate cybersecurity risks.
“Gatekeeper’s SOC 2 report validates its commitment to data security and protection, as well as compliance with critical standards to mitigate cybersecurity threats.”
Keeping our customers protected
Gatekeeper’s control framework was independently audited to assess our compliance with the SOC 1 Type 1 & 2 and SOC 2 Type 2 framework. We chose to assess our internal controls across the whole business including leadership strategy and corporate governance, but the key focus was on the Gatekeeper platform and its:
- System Access Control
SOC 2 governs how Gatekeeper manages customer data and has a great deal of cross-over with the ISO27001 accreditations we have held for 5+ years. Whilst ISO has global appeal, SOC 2 will provide additional comfort to our US-based customers that their data is protected.
What Is SOC 2?
Rather than a cybersecurity assessment that evaluates specific technical configurations, a SOC 2 report focuses more on how an organisation implements and manages controls to mitigate the identified risks to the different parts of an organisation.
The SOC 2 audit testing framework is based on the Trust Services Criteria (TSC), which are used to identify various risks an organisation should consider addressing. There are five Trust Services Criteria.
The first criteria, Security, must be included with every SOC 2 report and is referred as the “Common Criteria”. The remaining four are optional to include:
- Security (required)
- Availability (optional)
- Processing Integrity (optional)
- Confidentiality (optional)
- Privacy (optional)
Reports available upon request
Gatekeeper will make the SOC 2 report available to current or potential customers upon execution of a non-disclosure agreement. We hope the steps we have taken help you remain confident in knowing that your data is secure with Gatekeeper.
Gatekeeper values the trust of its customers and that’s why we’re committed to providing the highest levels of security, availability and confidentiality,”says Patrick O’Connor, CEO of Gatekeeper. 'Passing both SOC 1 Type 2 and SOC 2 Type 1 assessments, in addition to our existing ISO 9001 and ISO 27001 certificates, demonstrates our ongoing dedication to protecting customers and their data.'
To learn more about our security policies and initiatives, please contact a member of the team.