Key takeaways
Overview
We’re excited to announce that Liquifi is now SOC 2 Type I compliant. This certification recognizes that our security and privacy policies are compliant with the standards established by the American Institute of Certified Public Accountants (AICPA).
At Liquifi, we believe that security should be considered a top priority from the start. We prioritized obtaining SOC 2 Type I compliance to ensure our team is upholding the best practices in security.
What is SOC 2 & Why is it important?
SOC 2 or Service Organization Controls 2 is a framework that is governed by the American Institute of Certified Public Accountants (AICPA). With a SOC 2 audit, an independent service auditor will review an organization’s policies, procedures, and evidence to determine if their controls are designed and operating effectively. A SOC 2 report communicates a company’s commitment to data security and protection of customer information.
Improving your security posture
SOC 2 compliance exemplifies an organization’s commitment to their customer’s trust and is a major milestone towards improving their overall security posture. With increasing cybersecurity threats and data breaches, it is paramount that organizations prioritize information security and the protection of their systems and data. By undergoing a SOC 2 audit, our controls and processes were validated by a third-party who attests to the functioning of the controls relevant to our application.
Why we pursued SOC 2 now
SOC 2 compliance is an integral step in proving to customers, stakeholders, and interested parties that our organization values their trust and has effectively implemented security controls. At our company’s stage, we realized that it was an ideal time to pursue this as it is important to protect data and mitigate potential security risks early and on an ongoing basis.
Compliance Partners
Vanta
We partnered with Vanta, the leader in the Trust Management space, to help us automate the collection of our audit evidence. Vanta provides us with the strongest security foundation to protect our customer data.
Advantage Partners
Our audit firm, Advantage Partners, was extremely helpful in creating a seamless audit experience. With their guidance and support, we were able to achieve SOC 2 compliance in a swift, efficient manner.
Lessons we learned
1. Start the process early
- It is easier to implement policies earlier rather than later.
- Building secure procedures and infrastructure are key components of a successful security program.
2. Focus on improving security posture, not checking boxes
- Compliance is not one size fits all.
- Security is a continuous project that should be prioritized in an organization.
3. Knowing your stakeholders in the compliance process
- Deciding which internal stakeholders are needed for policies, procedures, and engineering tasks.
- Your entire organization will be involved in improving security and adhering to procedures.
To learn more, reach out to us at bd@liquifi.finance.