Apryse Completes SOC 2 Security Audit

Apryse Software Inc. successfully completed the AICPA Service Organization Control (SOC) 2 Type I audit. The audit confirms that Apryse’s information security practices, policies, procedures, and operations meet the SOC 2 standards for security.

To achieve the certification, a company must show that its technology displays a commitment to systematic and ongoing management of information security risks that affect the confidentiality, integrity, security, privacy, and availability of company and customer information.

Fallout attacks like the SolarWinds hack, Log4j, and an array of major data breaches continue to rock the technology community. These attacks have brought technology security standards into sharp focus.

The International Organization for Standardization (ISO), American Institute of CPAs (AICPA) and International Electrotechnical Commission (IEC) are international, non-governmental bodies which depend upon members to provide expertise, share knowledge, and develop voluntary, consensus-based international standards for information security best practices. These standards enable organizations to manage the security of assets like intellectual property, financial information, personal details, and information entrusted to third parties.

Cybersecurity frameworks lay down the guiding principles and best practices that companies must follow to improve their security posture. SOC 2 is one such framework, which applies to technology companies that store and deal with customer data in the cloud. These are based on periodic risk assessments and are responsible to an ever-changing environment of threat scenarios.

Apryse employees proudly serve the organization and contribute to setting these important standards. SOC 2 helps show that Apryse is committed to and meets a certain level of information security maturity.

“Security is not just a measure to hit, it’s a change in company lifestyle. Our customers’ trust and data is paramount to us. Security has been embedded into the company since the inception of Apryse, and we are committed show it through SOC 2 and other security frameworks,” said Stan Kornacki, CISO of Apryse. This report reinforces Apryse’s commitment to providing a secure code product while maintaining the security of customer confidential information within support.

This widely recognized security standard specifies that Apryse does the following: We systematically evaluate our information security risks, considering the impact of threats and vulnerabilities. We design and implement a comprehensive suite of information security controls and other forms of risk management to address customer and architecture security risks. We have an overarching management process to ensure that the information security controls meet the needs of ourselves and our customers on an ongoing basis.

If you would like to access the report, contact us here.