blog post cover

Resmo Achieves SOC 2 Type I Attestation Report

We're thrilled to announce that Resmo has achieved the SOC 2 Type I attestation report, demonstrating our commitment to the highest standards of information security and data protection for our customers.

As a company that has achieved the SOC 2 Type I report, Resmo has subjected its internal controls, policies, and procedures to rigorous testing and has implemented measures that are appropriate for safeguarding customer data from unauthorized access, disclosure, or modification. 

This accomplishment highlights our unwavering commitment to upholding the security and privacy of our clients' cloud and SaaS assets and our resolve to keep improving our services.

What is SOC 2 attestation?

SOC 2 is a set of auditing standards developed by the American Institute of CPAs (AICPA) to help organizations ensure the security, availability, processing integrity, confidentiality, and privacy of their systems and data. SOC 2 reports are the most widely recognized attestation for cloud and SaaS providers. They assure customers that a service provider has adequate controls in place to protect their data.

SOC 2 defines five Trust Services Criteria that are employed to evaluate a company's processes, controls, and tools to determine if they are adequate for addressing their data privacy and security needs. These criteria include:

Security: ensuring that data and systems are protected against unauthorized access or use.

Availability: maintaining, monitoring, and optimizing the performance of infrastructure and network systems.

Processing Integrity: ensuring that systems are able to function as intended, without errors, delays, or manipulations.

Confidentiality: ensuring that data is restricted to authorized individuals or entities and not accessed by others.

Privacy: safeguarding personally identifiable information against unauthorized access, use, or disclosure.

Why does SOC 2 Type I attestation matter?

A SOC 2 Type I report, in particular, verifies that an organization's controls are suitably designed to meet the SOC 2 principles and that those controls were in place and effective at a specific point in time. It is the first step toward achieving SOC 2 Type II attestation, which requires the demonstration of ongoing control effectiveness over a period of time.

Through our attainment of the SOC 2 Type I attestation report, we are now able to share our Type 1 report with interested parties. This report provides comprehensive information on our approach to safeguarding customer data, including:

  • Measures taken to ensure customer data is protected
  • Ongoing monitoring of our security protocols
  • Protocols for responding to any security incidents that may arise
  • Employee training programs focused on maintaining and enhancing our security posture

What it means for our users

For Resmo, achieving SOC 2 Type I attestation is a significant milestone in our journey to provide best-in-class cybersecurity solutions for cloud and SaaS assets. It demonstrates our commitment to meeting the highest standards of information security and provides our customers with the assurance they need to trust us with their sensitive data.

What’s next

Our next goal is to achieve a SOC 2 Type II attestation report, which involves an ongoing monitoring period of 6-12 months. As always, we are committed to prioritizing security and will keep you updated on our progress toward this next step. To access our SOC 2 Type I report, please contact us at contact@resmo.com, and we'll be happy to provide it to you upon request.

Continue Reading

Sign up for our Newsletter