SecureLink is Service Organization Controls (SOC) certified, which verifies our security posture and how seriously we take your company’s cybersecurity strategy.
The SOC audit is a third-party examination of security controls based on the Trusted Services Criteria (TSC), a set of best practices and standards that were put in place by the American Association of Certified Public Accountants (AICPA). This is a widely recognized certification and the gold standard for third party security audits.
Within SOC, there are several versions of SOC reports a company can get:
There are also two types of reports:
SecureLink has its SOC 2, Type 1 report. Looking ahead to 2021, SecureLink will be obtaining a SOC 2, Type 2 in 2021 once the one year study period has elapsed. Because this information is highly sensitive, it requires a nondisclosure agreement to be shared.
In the energy or utility space, the NERC/FERC regulation updates to the Critical Infrastructure Protection (CIP) rules went live in October. These updates included CIP-013-1 (a new rule requiring supply chain cyber risk management processes), CIP-010-3 (relating to configuration change management), and CIP-005-6 (perimeter security).
There are many features of SecureLink that help you meet the supply chain security requirements in CIP-13. Contact your Customer Success Manager for more details on ways you can be using SecureLink to help you comply with these new regulations.