Event App Provider, Gather Digital, Earns SOC 2 Technology Security Report
A SOC 2 report covers vendor processes and safeguards. Third-party auditing and reporting should be shared by event app providers.
CHAPEL HILL, NC - SEPTEMBER 28, 2016
Gather Digital, a leader in event applications, has recently announced its successful completion of the Service Organization Control Reports® Type 2 (SOC 2) compliance examination. The SOC 2 report focuses on controls that businesses have in place as they relate to security, privacy, confidentiality, availability and processing integrity.
It allows customers of service organizations to see the complete set of measures and safeguards a vendor has in place in these areas and how effectively the vendor is executing those controls. For technology customers, this is crucial for data security.
The American Institute of Certified Public Accountants (AICPA) created the SOC 2 reporting framework in order to test internal controls and processes of service organizations. The extensive audit is a several-month process and is conducted by an independent third party.
“The process for a SOC 2 audit is a tremendous effort, but crucial for technology companies that work with client data,” said Jon Phillips, CEO of Gather Digital. “It gives customers great insight and ensures that the tech vendor can deliver on promises made to them.”
The SOC 2 compliance review for Gather Digital was based upon three Trust Services Principles: Security, Privacy and Availability. Each Trust area required documented controls and evidence of adherence to those controls. For example, for the Security Trust Principle, Gather Digital defined controls that third-party experts evaluate their native app security, network and server infrastructure, and web-based content management system on an annual basis. SOC 2 auditors confirmed the testing and adherence over a six-month evaluating period.
The Privacy Principle included requirements of certain internal processes regarding employees, such as background checks, annual disaster recovery drills and security training.
For the Availability Principle, the auditing firm reviewed controls that eliminate downtime and meet Service Level Agreements, as well as server monitoring tools, disaster recovery and failover test processes.
“Before entrusting a company with important data, it's important to know how the company is going to safeguard it,” Phillips added. “They should be very upfront about that.”
The leader in event app security, Gather Digital, is proud to have earned a SOC 2 report. The company has long been focused on providing the highest level of security for its clients. It has released a new checklist of the five most important security questions to ask a technology vendor.
ABOUT GATHER DIGITAL
Gather Digital provides best-of-breed mobile event apps for corporations, associations and educational institutions. Established in 2009, Gather Digital creates native and mobile web applications with an integrated system for lead retrieval, continuing education credits, live polling, surveys, small group meetings, personalized itineraries and gamification. For more information, contact Angie Sloan at 919-932-4266.