PCI Compliance

SOC 2 Type 2 Certification Update

Spreedly has updated its SOC 2 Type 2 credentials, affirming our strong commitment to cybersecurity for all payments stakeholders.

Written by
Rachel Fine
Publication Date
May 13, 2022
Social Share
Newsletter

Subscribe

Don’t miss our latest news and updates

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Spreedly has updated its SOC 2 Type 2 credentials, affirming our strong commitment to cybersecurity for all payments stakeholders. We have passed our 2021 SOC 2 Type 2 audit with no exceptions.

Based on the Trust Services Criteria, the report confirms compliance in two key areas:

  • Security: Spreedly’s systems are protected against both physical and logical unauthorized access attempts 
  • Confidentiality: Information designated as confidential is protected as committed or agreed
“Providing a comprehensive security program is crucial in our industry and key for the services we offer. As Spreedly continues to grow, we will remain focused on maturing the technology and processes as it relates to security and compliance,” commented Spreedly’s Chief Information Security Officer, Jennifer Rosario. “Fortunately, the intentional actions we take every day in our security program align directly with our ability to comply with various regulations and control frameworks. We are pleased to expand our SOC 2 Type 2 certification to not only the security trust criteria but also the confidentiality trust criteria this year, which reinforces the commitment to security our customers expect.”

System and Organization Controls (SOC) is a suite of service offerings Certified Public Accountants (CPAs) provide in connection with system-level controls of a service organization or entity-level controls of other organizations. It is a reporting framework through which organizations can communicate relevant information about the effectiveness of their cybersecurity risk management program. It also allows CPAs to report on such information to meet the cybersecurity information needs of a broad range of stakeholders.

SOC 2, which stands for Service Organization Control 2, is an audit that deals with a service organization’s controls around protection and privacy of data. SOC 2 was designed by the AICPA for service providers storing customer data in the cloud. SOC 2 is an auditing and reporting engagement for companies that have cloud infrastructure.

To learn more about how Spreedly takes proactive steps both online and offline to ensure your customers’ financial information is secure, while still allowing you to process transactions seamlessly, visit https://www.spreedly.com/security-compliance

Download the PCI Compliance eBook Below

Ready to turn possibilities into payments?

Get Started