Because when it comes to security, it’s gold standard or go home.
In our ongoing commitment to ensuring the safest, most secure environment for our customers and their users, we’re thrilled to announce that Argyle successfully completed an independent SOC 2 Type 2 examination attesting to the stringency of our privacy and security policies and protocols. That might not sound like much, but in the world of data security, it’s a pretty big deal. Here’s why.
The significance of SOC 2 Type 2
SOC 2 Type 2 is a specific class and level of SOC (Service Organization Control) report—a system of standards created by the American Institute of Certified Public Accountants (AICPA) to ascertain the steps an organization takes to safeguard data and the effectiveness of those controls. SOC 2 Type 2 represents the most comprehensive and difficult to achieve compliance under the SOC umbrella, making it one of the most trusted and sought-after third-party security verifications.
The SOC 2 Type 2 process
A SOC 2 Type 2 examination looks at an organization’s security, confidentiality, and availability according to five key principles of trust set forth by the AICPA:
The security of a vendor’s system as defined by protections against unauthorized access
The processing integrity of a vendor’s system, meaning processing is complete, valid, timely, accurate, and authorized
The availability of a vendor’s system for operation and use as indicated in the customer agreement
The privacy of the personal information a vendor collects, retains, uses, discloses, and disposes of
The confidentiality of the information a vendor processes and maintains and how that confidentiality is protected
To qualify for SOC 2 Type 2 report, Argyle created and follows strict information security procedures that align with these principles. An accredited independent auditor was then brought in to assess the quality of said procedures and monitor our adherence to them over a six-month period (as opposed to just a moment in time, like some other certification procedures). That resulted in a detailed report assessing how well we lived up to our promises.
External and independent auditors have examined Argyle for the suitability of the design and operating effectiveness of controls throughout the period from December 1, 2020 to April 30, 2021, to provide reasonable assurance the Argyle service commitments and system requirements were achieved based on the trust services criteria relevant to security, availability, and confidentiality (applicable trust services criteria) set forth in TSP 100, 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy (AICPA, Trust Services Criteria).
Which is to say, we passed with flying colors.
The (secure) path forward
Despite this exciting win, Argyle won’t be resting on its laurels any time soon. We will repeat our SOC 2 Type 2 audit annually to ensure we remain up to date and in step with the most current, industry-leading security practices to the benefit of our customers and their users. Safeguarding the rights and privacy of others is, after all, core to who we are.