Spreedly has secured yet another important addition to its strong commitment to cybersecurity for all payments stakeholders — it has passed its SOC 2 Type 2 audit with no exceptions.
Direct from our Chief Information Security Officer, Chris Hudel:
“We recognize that core to our success is trust from our customers. We are incredibly proud to further reinforce that commitment to security and compliance to support our growing, global customer base through this audit. As we continue to expand, the expectations for our technology and processes do too. It is exciting to build upon our PCI compliance which focuses on card vaulting and add to it the SOC 2 Type 2 certification which looks at the broader organization’s initiatives.”
System and Organization Controls (SOC) is a suite of service offerings Certified Public Accountants (CPAs) provide in connection with system-level controls of a service organization or entity-level controls of other organizations. It is a reporting framework through which organizations can communicate relevant information about the effectiveness of their cybersecurity risk management program. It also allows CPAs to report on such information to meet the cybersecurity information needs of a broad range of stakeholders.
SOC 2, which stands for Service Organization Control 2, is an audit that deals with a service organization’s controls around protection and privacy of data. SOC 2 was designed by the AICPA for service providers storing customer data in the cloud. SOC 2 is an auditing and reporting engagement for companies that have cloud infrastructure.
To learn more about how Spreedly takes proactive steps both online and offline to ensure your customers' financial information is secure, while still allowing you to process transactions seamlessly, visit https://www.spreedly.com/security.

What does it mean that Spreedly passed its SOC 2 Type 2 audit with no exceptions?
Spreedly successfully completed its SOC 2 Type 2 audit without any exceptions, meaning the company demonstrated effective controls around protection and privacy of data across its broader organizational initiatives. This certification reinforces Spreedly's commitment to security and compliance for its global customer base.
How does SOC 2 Type 2 certification differ from Spreedly's existing PCI compliance?
PCI compliance focuses specifically on card vaulting and payment card security, while SOC 2 Type 2 certification looks at the broader organization's initiatives and controls. Together, these certifications provide comprehensive coverage of Spreedly's security practices from specific payment data protection to enterprise-wide cybersecurity risk management.
What is the purpose of SOC 2 certification for service organizations like Spreedly?
SOC 2 is an auditing and reporting engagement designed for service providers storing customer data in the cloud. It serves as a framework through which organizations communicate information about the effectiveness of their cybersecurity risk management program to a broad range of stakeholders, helping build trust with customers.









