SOC 2 is a security certification often considered table stakes for those processing data. CloudFactory has had SOC 2 certification since 2020.
The SOC 2 criteria for managing client data are based on five principles: security, availability, processing integrity, confidentiality, and privacy. The SOC 2 certification assures clients that we have the infrastructure, tools, and processes to protect their information from unauthorized access both from within and outside the firm.
A number of SOC 2 controls focus on physical access to data. Those controls traditionally relied on in-person monitoring solutions like physical access restrictions and real-time video monitoring. The pandemic significantly changed the work location landscape for many businesses, including CloudFactory, making existing controls less impactful. In their place, CloudFactory implemented strong virtual security controls that create a level of security similar to what we can achieve in-person.
Our latest security enhancements include:
- New security controls between our data analysts and clients to detect zero day attacks, prevent traffic from compromised networks, prevent data distribution based on content patterns, and enforce granular application access.
- Ongoing vulnerability scans and remediation of security vulnerabilities measured against a cyber exposure score to ensure we maintain a low risk baseline.
- Device posturing and context policy enforcement to control how, where, what, and who connects to the services we provision.
We continue to collaborate with clients and monitor industry trends to explore new ways to strengthen our security offerings. Maintaining our SOC 2 certification despite a remote environment is further proof that we’ve maintained a strong level of security in this remote world.
Learn more about our other certifications here.
Outsourcing News Data Security AI & Machine Learning Quality Compliance
