SOC 2 Type 2 compliance: the security of your data
More and more, our business processes, data, and backups are handled through remote access, aka “the cloud”. Online storage of critical company information, including intellectual property, critical contact information, and strategic documentation has become the norm. In fact, most of our sales and marketing information these days is stored in our CRMs and marketing automation tools; all of which are SaaS.
Sales experience solutions such as win loss analysis and customer experience analysis are no exception. Primary Intelligence pioneered the SaaS model of software for the voice of the customer industry, making all of your intelligence efforts available through the cloud. While this makes your buyer/customer intelligence insights readily available from anywhere, it does come with security concerns. As the leader in win loss analysis and customer experience, we take the protection of our customers’ data very seriously.
Primary Intelligence is pleased to announce that we have successfully completed the AICPA Service Organization Control 2 (SOC 2) Type 2 audit and are compliant at the highest level.
What is SOC 2?
SOC refers to “System and Organizational Controls” as defined by the AICPA. It is a suite of reports produced during an audit and are “relevant to security, availability, and processing integrity of the systems the service organization uses to process users’ data and the confidentiality and privacy of the information processed by these systems.”1
SOC 1 refers to internal controls over financial reporting while SOC 2 covers the handling of data over five trust principles2:
- Security: Firewalls, intrusion detection, and multi-factor authentication
- Availability: Performance monitoring, disaster recovery, and incident handling
- Confidentiality: Encryption, access controls, firewalls
- Processing integrity: Quality assurance and process monitoring
- Privacy: Access control, multi-factor authentication, and encryption
What is Type 2?
There are two levels of reports for SOC compliance:
- Type 1: Certifies adherence to meeting the five trust principles at one moment of time
- Type 2: Certifies adherence over a period of time, usually 9-12 months
The SOC 2 Type 2 report is performed by an independent auditing firm and is intended to provide our customers with proof that, when it comes to protecting your data, we have implemented a company-wide security infrastructure that meets the highest standard of security requirements.
Primary Intelligence has certified for SOC 2 Type 2 compliance
The relationship we have with our customers is built on the trust that their data is protected and secure. This third-party certification provides the required proof existing and new clients need to give them the peace of mind that their data is safe and secure.
Primary Intelligence is pleased to report that we have become SOC 2 Type 2 compliant. The audit to receive this certification is extensive and exhaustive. Reaching this milestone is not done easily, and we are pleased to offer our customers with the best possible security available for your data.
Primary Intelligence invests a significant amount every year in our security infrastructure and processes and the security of our clients’ data so that they can focus on taking action on the consistent flow of rich customer, sales, marketing, product, and competitor insights.
SOC 2 has greatly complimented our security and privacy ecosystem and the ongoing auditing of that system examines our organization from a top-down, holistic approach. This process has given us the opportunity to build best practices across every team, including finance, HR, delivery, customer success, IT, product management, and engineering.
Being SOC 2 Type 2 compliant makes Primary Intelligence more robust and reliable for our clients, giving them the peace of mind that a partnership with us is built on a strong, solid foundation that exists today and will continue to exist over the long term.
This certification is not the end of the SOC 2 process at Primary Intelligence. We are committed to carry out an annual SOC 2 audit to ensure we continue to maintain and build on what we have put in place to protect our clients and their data. Your trust is one of our most valued assets and we are committed to maintaining all certifications that demonstrate the effectiveness of our policies and controls in protecting your data.