In the first quarter of 2021, Accelevents became certified to be a SOC 2 Type 1 compliant organization. We are very excited about this huge accomplishment. And soon, we will be SOC 2 Type 2 compliant for security. So what does this mean for our customers and business partners? We wanted to fill you in on what SOC 2 is all about and what it means for those who work with Accelevents!
The SOC 2 certification was developed by the American Institute of Certified Public Accountants (AICPA) as a way of evaluating that a company follows the criteria for managing customer data based on principles of trust. There are two parts of the SOC 2 Certification, Type 1 and Type 2.
When evaluating an organization’s SOC 2 compliance, auditors identify how a business manages customer data according to each of the following five trust service principles: security, availability, processing integrity, confidentiality, and privacy.
Accelevents has gone through SOC 2 Type 1 procedures to reassure our consumers that we take security seriously. So what does this mean for you as a consumer?We interviewed our CEO Jon Kazarian, Cloud Architect Julian Severino, and Director of Talent Carrie Matthews to learn more about the process and the goal behind it.
“At Accelevents, we have always put data protection and controls as a top priority. The effort to become SOC 2 certified was an easy decision. Having a third party auditor ensure that we are following all best practices and controls is another step in putting customer data first.”
“A major part of putting customer data first is putting the security of your infrastructure and applications first. We leverage the tools and infrastructure provided by Amazon Web Services, bring the ‘security-by-design' approach to everything we build, and use best practices in automation and data security. Just doing things isn't enough though! So we drilled down and developed policies and procedures addressing things like our disaster recovery plans, how we perform data classification and incident response, our software development lifecycle, access management across the organization, and so much more. It is important for any organization to have solidified, iterable processes they can use to best serve their customers.”
“Though we are still a relatively young company, we have experienced tremendous growth over the past year. It was important to us to show customers and potential customers that we’ve invested in proper processes and procedures as we have grown our headcount.”
With the support of the information systems team, the talent team worked to document internal processes, procedures, and company structures in order to satisfy the audit. Particularly of note in this effort is documenting employee onboarding and offboarding procedures. We put documentation in place to ensure that system access control procedures were consistently followed for all new hires and for those leaving the company as well.
Naturally, you may be wondering exactly what steps and processes were necessary for this certification. There are general guidelines, but every organization is different! For four months, our team worked with auditors from Armanino, one of the top accounting firms in the nation, to answer that question for Accelevents. Because we had most of the processes already set up internally, a lot of the work involved following the AICPA guidelines and making sure we had our T’s crossed and I’s dotted.As Carrie stated, “We were following almost all of the suggested procedures anyway because it’s best practice… but this just proves to the outside world that this is how we operate and we can be trusted with their data and their business.”From a human resources perspective, here are some of the items that were verified through the certification process:
Here’s a bit more of what we did on the technical side:
In today’s data-driven society and economy, it’s imperative that companies can prove themselves trustworthy and do everything possible to protect their users’ data. Now that Accelevents is SOC 2 certified, we can proudly say that we’re dotting our I’s, crossing our T’s, and doing the work every day to prove to our customers that they’re in good hands.