Blog

Wipster is SOC 2 Type 2 Certified

Written by Wipster Content Team | May 26, 2022 6:00:00 AM

Wipster achieves SOC 2 Type 2 compliance, furthering our commitment to security

At Wipster, we understand that security is a key requirement for our customers. To further our commitment to our customers we have undertaken a process to become SOC 2 Type 2 certified and have achieved this in May 2022!

The journey of SOC 2 compliance started in response to the needs of our Enterprise clients. They have many vendors to manage and for each they need confidence that the vendor is treating security seriously and doing all the things we expect of modern SaaS (software as a service) vendors. Having SOC 2 compliance is a great way of demonstrating this. 

The first step were our policies, ranging from an internal Code of Conduct to Risk Management. From this we derive our processes. This can range from the seemingly-mundane requirement that staff leaving Wipster are removed from all systems in a timely manner, to ensuring we have a yearly security audit. 

The yearly security audit is a great example of our commitment to security. Each year we hire a third party company to perform a full security audit of our platform. They do their best to find any / all possible vulnerabilities in our platform. If there are any issues we aim to resolve them quickly. 

Preparing for SOC 2 required a critical evaluation of all aspects of our business to ensure we not only met our policies and procedures but were meeting all the other requirements of SOC 2, which are based on best practices. For example: if we hire a contractor, ensure they sign an NDA and read our Code of Conduct. 

SOC 2 has two types

  • Type 1 is a point in time audit
  • Type 2 assesses those controls over a period of time

We pursued SOC 2 Type 2, which meant an auditor was observing us for several months to confirm we had all the required information in place and that we were following the policies and procedures we put in place. 

 

Overall the process of preparing and the audit took us about 9 months. Fast forward to May 2022 and we have achieved SOC 2 Type 2 certification!

While the work was originally started for our Enterprise users, it benefits all of our clients. With SOC 2 Type 2 compliance you can have confidence that Wipster takes your security seriously, and your content is safe with us.