Actify Completes SOC 2 Type I Certification
Rigorous audit validates Actify as a trusted technology partner
Actify, the leading provider of visualization and program management solutions for the automotive supply chain, is proud to announce that the company has successfully completed the Service Organization Control (SOC) 2 Type 1 audit. As companies increasingly use outside vendors to perform activities that are core to their business operations and strategy, there is need for more trust and transparency into cloud service providers’ operations, processes, and results.
Actify’s SOC 2 report verifies the existence of internal controls which have been designed and implemented to meet the requirements for the security principles set forth in the Trust Services Principles and Criteria for Security. It provides a thorough review of how Actify’s internal controls affect the security, availability, and processing integrity of the systems it uses to process users’ data, and the confidentiality and privacy of the information processed by these systems. This independent validation of security controls is crucial for customers in highly regulated industries.
“Our solutions manage not only our customers’ data, but also our customers’ customers’ data, so it is paramount that they have trust and confidence in our security posture,” said Dave Opsahl, CEO of Actify. “Security has always been an Actify priority.”
Actify uses an automation platform to continuously monitor 100+ security controls across the organization. Automated alerts and evidence collection allows the company to confidently prove its security and compliance posture any day of the year, while fostering a security-first mindset and culture of compliance across the organization.
In addition, all employees will complete an annual security training program and employ best practices when handling customer data; the company will work with industry leading security firms to perform annual network and application layer penetration tests; utilize a variety of manual and automatic data security and vulnerability checks throughout the software development lifecycle; and data is encrypted both in-transit using TLS and at rest.