SOC 2 Type 2 Certification

Spreedly has secured yet another important addition to its strong commitment to cybersecurity for all payments stakeholders — it has passed its SOC 2 Type 2 audit with no exceptions.

Direct from our Chief Information Security Officer, Chris Hudel:

“We recognize that core to our success is trust from our customers. We are incredibly proud to further reinforce that commitment to security and compliance to support our growing, global customer base through this audit. As we continue to expand, the expectations for our technology and processes do too. It is exciting to build upon our PCI compliance which focuses on card vaulting and add to it the SOC 2 Type 2 certification which looks at the broader organization’s initiatives.”

System and Organization Controls (SOC) is a suite of service offerings Certified Public Accountants (CPAs) provide in connection with system-level controls of a service organization or entity-level controls of other organizations. It is a reporting framework through which organizations can communicate relevant information about the effectiveness of their cybersecurity risk management program. It also allows CPAs to report on such information to meet the cybersecurity information needs of a broad range of stakeholders.

SOC 2, which stands for Service Organization Control 2, is an audit that deals with a service organization’s controls around protection and privacy of data. SOC 2 was designed by the AICPA for service providers storing customer data in the cloud. SOC 2 is an auditing and reporting engagement for companies that have cloud infrastructure.

To learn more about how Spreedly takes proactive steps both online and offline to ensure your customer’s financial information is secure, while still allowing you to process transactions seamlessly, visit https://www.spreedly.com/security.

‍