Data security — it’s increasingly becoming a top concern for consumers. A 2022 Ipsos poll found 84% of Americans reported being concerned about the safety and privacy of their data. And with recent breaches from big names like Microsoft, News Corp, and Red Cross, it’s easy to see why.
But businesses and service providers can actually use this growing concern to their advantage.
By partnering with vendors that take data security seriously.
At WhatConverts, we know data security is at the top of your clients’ minds. It’s why we’re proud to announce that we’ve successfully earned SOC 2 Type 2 compliance, one of the most stringent measures of data security.
of Americans reported being concerned about the safety and privacy of their data.
Here’s a brief breakdown of SOC2 Type 2 compliance and what it means for you, your clients, and your business as a whole.
First things first, let’s go over what SOC 2 Type 2 is.
Developed by the American Institute of Certified Public Accountants (AICPA), SOC 2 is a type of Service Organization Control (SOC) audit. These audits examine the risks associated with using a service provider by reporting on their use of industry best practices. SOC 1 focuses on financial controls, while SOC 2 is more concerned with information security, confidentiality, and privacy.
For a service provider to be SOC 2 Type 2 compliant, they need to follow exceptionally rigorous data security control processes. They also need to pass examination from an independent CPA firm.
Control factors considered during SOC 2 Type 2 audits include:
There are two types of SOC2 audits: Type 1 and Type 2.
Type 1 is designed to examine internal control procedures at a single point in time. For instance, a Type 1 examination may look at how a service provider stores passwords in their system at the time of testing.
Type 2, on the other hand, is even more involved. These audits take place over a large stretch of time—usually over the course of 6 months. As a result, measures are tested more extensively. And certification gives a more complete picture of a service provider’s data security practices.
So, why does all this matter? And what does WhatConverts’ SOC 2 Type 2 certification mean for your business?
There are a few things at play here:
of consumers say they’re more likely to trust companies that show a real commitment to protecting their customers’ information.
While earning SOC 2 Type 2 compliance is a major win, it’s just one part of our overall security plan, which includes the following:
We take pride in the level of data security we provide for marketing agencies like yours. Not because we have to. But because it’s the right thing to do.
Gaining SOC 2 Type 2 certification is no easy process.
First and foremost, service providers must be audited by an independent CPA firm. At WhatConverts, we partnered with Prescient Assurance LLC, a leading provider of attestation and compliance services.
Prescient conducted an independent and thorough audit of WhatConverts’ servers, systems, and products from July 15, 2022, to January 15, 2023. It was also conducted under the SOC 2 compliance framework provided by the American Institute of Certified Public Accountants.
To gain certification, a service provider must be tested against one or more of the AICPA’S Five Trust and Integrity Principles:
WhatConverts’ successful SOC 2 Type 2 examination focused on the Security Principle, which tested our information and systems against more than 100 different control factors over the course of several months.
Consequently, we’ve been certified as being thoroughly protected against unauthorized access, disclosure of information, and damage to systems.
We understand the importance of data security. Not just for our clients, but for their customers as well.
That’s why we hold our commitment to keeping your information secure as our highest priority. We’re serious about data security. Because your customers are too.
We plan to follow through on that commitment to earning your trust by:
We’re proud to say our earning of SOC 2 Type 2 certification is just one step in creating a more secure industry for your customers. Because we built WhatConverts to empower you to be more successful without ever having to compromise your (or your customers’) data security.
One of our marketing experts will give you a full presentation of how WhatConverts can help you grow your business.Schedule a Demo
The CCPA (also known AB 375) is the California Consumer Privacy Act. As of January 1st, CCPA compliance is essential...
WhatConverts monthly product development updates and features.