PCI Compliance

SOC 2 Type 2 Certification Update

Spreedly has updated its SOC 2 Type 2 credentials, affirming our strong commitment to cybersecurity for all payments stakeholders.

Written by
Rachel Fine
Publication Date
May 13, 2022
Social Share
Don’t miss our latest news and updates
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Spreedly has updated its SOC 2 Type 2 credentials, affirming our strong commitment to cybersecurity for all payments stakeholders. We have passed our 2021 SOC 2 Type 2 audit with no exceptions.

Based on the Trust Services Criteria, the report confirms compliance in two key areas:

  • Security: Spreedly’s systems are protected against both physical and logical unauthorized access attempts 
  • Confidentiality: Information designated as confidential is protected as committed or agreed
“Providing a comprehensive security program is crucial in our industry and key for the services we offer. As Spreedly continues to grow, we will remain focused on maturing the technology and processes as it relates to security and compliance,” commented Spreedly’s Chief Information Security Officer, Jennifer Rosario. “Fortunately, the intentional actions we take every day in our security program align directly with our ability to comply with various regulations and control frameworks. We are pleased to expand our SOC 2 Type 2 certification to not only the security trust criteria but also the confidentiality trust criteria this year, which reinforces the commitment to security our customers expect.”

System and Organization Controls (SOC) is a suite of service offerings Certified Public Accountants (CPAs) provide in connection with system-level controls of a service organization or entity-level controls of other organizations. It is a reporting framework through which organizations can communicate relevant information about the effectiveness of their cybersecurity risk management program. It also allows CPAs to report on such information to meet the cybersecurity information needs of a broad range of stakeholders.

SOC 2, which stands for Service Organization Control 2, is an audit that deals with a service organization’s controls around protection and privacy of data. SOC 2 was designed by the AICPA for service providers storing customer data in the cloud. SOC 2 is an auditing and reporting engagement for companies that have cloud infrastructure.

To learn more about how Spreedly takes proactive steps both online and offline to ensure your customers’ financial information is secure, while still allowing you to process transactions seamlessly, visit https://www.spreedly.com/security-compliance

Related Articles

PCI Compliance

The Real Cost Of PCI Compliance

An overview of the costs of PCI compliance implementation, validation and non-compliance.

Posted on Aug 24, 2023 by Rachel Fine

PCI Compliance

PCI Compliance Checklist

An in-depth guide on the purpose, levels, and steps of PCI Compliance.

Posted on Jul 21, 2023 by Rachel Fine

PCI Compliance

PCI DSS v4.0: What's Next?

Uncovering, analyzing, and defining the latest updates and additions to PCI DSS v4.0

Posted on Mar 29, 2023 by Rachel Fine