We’ve always held data security as a top priority here at Slingshot, and the companies we work with feel the same way. Your personal data should be treated as something precious; kept under a digital lock and key. But just caring about data security doesn’t mean much if you haven’t implemented the proper processes and controls to put that caring to action.
One way companies can ensure they are keeping user data secure is to become System and Organization Controls (SOC 2) compliant. SOC 2 is an auditing procedure created by the American Institute of Certified Public Accountants (AICPA) that guarantees a company can safely handle a company’s data and interest. This process ensures that a firm has the five trust service principles: privacy, security, availability, processing integrity, and confidentiality.
To be legitimately SOC 2 Type 1 compliant, a SOC 2 Type 1 report must be issued by a 3rd-party auditor. The auditing firm assesses if a provider complies with all five trust principles based on the safety measures, procedures, and controls the company has implemented. The process is incredibly rigorous and an enormous undertaking. Slingshot is happy to announce we’ve completed our audit and are officially SOC 2 Type 1 compliant as of December 10th!
To achieve this level of security compliance, Slingshot has made enhancements to our internal controls, HR policies, security procedures, and confidentiality protections. We’ve updated our practice, procedures, and standards to ensure proper compliance to protect the data of our clients.
“We’ve worked very hard to achieve this milestone,” said Slingshot CEO David Galownia. “Data security is incredibly important in this day and age, and it’s easy for companies to let security fall to the wayside. It takes real effort to have proper procedures and controls in place and to make sure they’re enforced. Clients put enormous trust in our firm and we want to make sure we’re doing everything we can to protect their interests. With the SOC 2 Type 1 report now in hand, it’s another form of proof we care deeply about data security for our clients.”