Announcing SOC 2 Type 2 Certification: Reinforcing Our Commitment to Security

Plivo employs security best practices and policies to ensure that our network is secured physically and virtually and that our customers’ data and payment information is both private and secure. We use a comprehensive set of security controls and processes to track and secure your information. In addition, we have built a security-conscious culture from Day 1: everyone at Plivo knows security is our most important job.

But we don’t expect you to take our word for it. The Association of International Certified Professional Accountants (AICPA) runs independent audits of organizations looking at Systems and Organization Controls (SOC). In particular, the SOC 2 audit, for service organizations that hold, store, or process their users’ information, focuses on IT security and availability processes. This is the most thorough SOC protocol, attesting not only to the adequacy of our processes and systems, but also to our operational effectiveness in adhering to those controls over time.

We’re happy to announce that Plivo has obtained a SOC 2 Type 2 report detailing our systems’ operational effectiveness. The SOC 2 compliance report contains a history element that demonstrates how a company’s controls were managed over time. It also considers how well our internal controls and systems perform over time.

Sample of some controls covered in the SOC 2 Type 2 report include:

  • Communication of changes to customers
  • Internal access control to production environments
  • System monitoring and ongoing risk assessments
  • Disaster recovery and data backup
  • System and security monitoring and incident response processes
  • Employee onboarding and termination processes

We’re proud to have obtained this SOC 2 Type 2 certification. The SOC report represents our commitment to security and results from months of hard work by our team. And our commitment to security is more than a checkbox. We make sure that our systems and processes are up to the task of handling the sensitive data that our clients entrust us with every day.

comments powered by Disqus

By submitting this form, you agree we may contact you in the manner described in our Privacy Policy