Blog

Everstream’s new SOC 2 compliance enhances supply chain security

Doug Daugherty | April 13, 2022

Everstream Analytics is pleased to announce our compliance with the high standards of SOC 2 Type 2, following the recent completion of an audit of our security systems and processes. 

The cybersecurity landscape is constantly changing, leaving organizations scrambling as new threats constantly pop up. Maintaining and demonstrating a high level of data privacy measures is not only key to smooth operations, but now essential for responsible business management. Customers and clients want assurances that their data is unlikely to be compromised in a data breach. And they are more than willing to take their business elsewhere if they are unconvinced by a company’s cybersecurity standards. 

Cybersecurity and data privacy are top-line concerns for C-suite executives, too, especially as the level of scrutiny around cyber has heightened due to ongoing global events.  

As a result, a plethora of regulations and standards have come to the fore in the past few years, ensuring organizations in all industries are at the top of their cybersecurity game. These standards generally place a high burden of proof on companies, so compliance is a good indication of how serious an organization is about their security. 

SOC it to me

SOC 2 (System and Organization Controls 2) is one such framework that aims to examine the level of trust principles in place and is considered one of the highest auditing standards in the world. Conducted by an accountant certified by the American Institute of Certified Public Accountants (AIPAC), a SOC 2 audit is a highly detailed and intensive process.  

There are two types of SOC 2 audits that companies can receive: Type 1 and Type 2. Type 1 attests to the status of trust principles at a certain point in time, while a Type 2 examination is based on an observation of the trust principles in action over a period of time.  

Companies can choose to be examined in any of the five pillars of trust, including security. However, SOC 2 does not simply inspect software security, like encryption, though that does play a role in the audit framework. Instead, SOC 2 takes all forms of organizational security measures into account, including data privacy training for employees, how data is processed, and what access controls are in place.  

This holistic perspective means that companies such as Everstream must go through a thorough due diligence process that investigates all aspects of the business. Compliance to SOC 2 is a company-wide status, not just one that applies to a specific product. 

No holes in our SOC(s)

Everstream’s SOC 2 Type 2 audit was completed in March, after a full nine-month process of preparation and examination. Our audit report indicated a high level of compliance with SOC 2’s security framework. We intend to keep this attestation current and will be undergoing a similar process each year to update and maintain our SOC 2 status.  

Our ongoing compliance to SOC 2 will give our customers confidence in our cybersecurity and data privacy standards, both within our products and our overall operations. It will also ensure that we continue to improve our data privacy measures, as we face the changing cyber threat landscape.  

And, even if potential customers require separate cybersecurity checks during their due diligence process, Everstream’s SOC 2 compliance means that we are more prepared than ever to answer any questions they may have. For example, we scored highly – 901 out of a possible 1000 – on a recent screening by Cybervadis. That check was requested by a customer, and our score secured our business with them.  

The world of data is growing more and more as each day passes, and security compliance is a never-ending responsibility. A cybersecurity oversight could cost a business dearly, affecting their client relationships, reputation, and bottom line. Standards such as SOC 2 help clients understand what an organization is doing to protect critical and private data. And it helps organizations to improve their cybersecurity posture consistently, and to establish the strength of their security measures.  

With our recent SOC 2 attestation, Everstream is proud to demonstrate our robust cybersecurity and data privacy status and look forward to continuing our SOC 2 compliance for years to come. 

Share this post

Up Next

April 7

Climate change means increased drought risk to your global operations. Here’s what to monitor so your supply chain doesn’t dry up.

Read blog