After a rigorous evaluation and auditing process, Utmost is pleased to announce that we have received our SOC 2 Type II attestation! Along with our ISO 27001 certification, this demonstrates Utmost’s core commitment to security and data privacy as core values of our business. Our SOC 2 certification represents a valuable addition to our enterprise-grade product suite that supports customers in even the most highly regulated industries such as finance, telecommunications, and healthcare.
SOC 2 Type II reports are the most comprehensive certification within the Systems and Organization Controls protocol. It is an independent assurance that our policies and controls around management of data and security are maintained and implemented to the highest standards.
Below is an interview with Utmost’s Chief Technology Officer, Paddy Benson, on the importance of the certification for our customer’s security.
What is SOC 2?
Paddy Benson: SOC 2 is a framework to ensure data in the cloud is safeguarded and remains private. It outlines five trust service principles of security, availability, processing integrity, confidentiality, and privacy of customer data. It’s part of the American Institute of CPAs’ Service Organization Control reporting platform.
Why is this important?
Paddy Benson: Every major organization has its own security posture to protect its customers and stakeholder data. We’ve put a rigorous set of policies and controls in place to manage data security throughout our org. This extends from vendor management, internal data flows, storage, customer data, how we hire, performance management, job descriptions, internal processes, and more.
Anyone who partners with Utmost has the security of knowing this is an evidence-based, detailed process that we continue to uphold for all data.
What steps did Utmost take to achieve SOC 2 Type II?
Paddy Benson: We took the stance from the very beginning of creating Utmost that security and data privacy by design would be a core value. We wanted to earn the right to sell to the enterprise. We take this very seriously, especially as a small company. We are serious about data and information security. Our goal was to set strong processes and controls from the onset and continuously show evidence of how we are doing this daily.
The actual certification took about a month to collect and present all of the data necessary to receive the certification.
Information security is a mindset. We will continuously evolve to adapt to new issues and challenges that arise with data security. We are committed to being a trusted technology partner for our customers and mitigating current and future risk.
Utmost, the first Extended Workforce System, offers solutions for the enterprise and its extended workforce, including temporary workers, consultants, vendors, freelancers, contractors, gig workers, and more. Our worker-centric platform combines data for all external workers with employee data for one total workforce view.
Every month we host a two 30-minute demo webinars. If you’d like to learn how Utmost is helping clients reimagine their extended workforce system, please join us for our next monthly demo.