At InThing, Security, Privacy, and Availability of our services is our top priority. We’re excited that InThing is now SOC 2 Type 1 certified.
What is SOC 2 Compliance?
System and Organization Controls (SOC) 2, developed by the American Institute of Certified Public Accountants (AICPA), is an auditing procedure designed to ensure that third-party service providers can securely manage data to protect the interests and privacy of their clients. It sets criteria for managing customer data based on five trust service principles: availability, confidentiality, processing integrity, privacy, and security. Compliance with this auditing procedure attests that the organization has implemented controls to meet those trust service principles. A SOC 2 Type 1 report describes a service vendor’s systems and determines whether it is capable of adhering to relevant trust principles by a specified date.
What did we do to achieve the certification?
We started preparation for this Audit back in Q1 2023. We performed a gap analysis and engaged with a third party to help us in clearing various internal Audits. The feedback from the gap analysis and internal audit helped us in putting together appropriate policies to effect and updating process documentation to that effect. Once we were confident with our policies and procedures, we submitted to an external audit and achieved the final certification. Recertification in both SOC and ISO will become an annual process. We are fully committed to maintaining the operational practices that will allow us to recertify efficiently each year. The InThing development team follows Agile development practices and is continually evolving. We maintain high standards and follow industry best practices when it comes to delivering product features to InThing services users.
What does it mean to our customers and partners?
Delivering software as a service is a continuously engaging and evolving enterprise. Our customers use our platform and products to run their own critical services, so they need to be assured that InThing is up to the task of fully supporting them. These industry certifications are one way they can evaluate our ability to design, build, and operate a secure, resilient service they can rely on to underpin their businesses. When our customers engage their security teams to dig into our service design, these certifications assure our claims and make clear that we’ve made an ongoing commitment to our operational practices. Our partners, on the other hand, feel confident in engaging with an organization that is committed and proven to ensuring high standards of service.
We hope that this update provides you with enough details on InThing’s SOC2 compliance status.
–The InThing Team–