EMnify Completes Clean SOC 2 Type II Examination

• Cloud communication platform provider delivers clean SOC 2 report, validating security-first customer commitment
   
• EMnify’s newly completed SOC 2 Type II report follows SOC 2 Type I completion in November 
   

BERLIN, February, 10, 2021 – EMnify, the leading cloud communication platform provider for IoT, today shares its completed clean Service Organization Control (SOC) 2 Type II examination with customers. Conducted by KirkpatrickPrice, the audit affirms information security practices, policies, procedures, and operations meet the rigorous SOC 2 standards for security and availability. 

Defined by the American Institute of CPAs (AICPA), SOC 2 ® defines trust criteria for, in EMnify’s case, security, and availability of its services. For each criteria a company must have one or more controls in place to ensure that the criteria can be met.  

SOC 2 Compliance and Processing Customer Data 

The importance of meeting the SOC 2 requirements when processing customer data cannot be overstated. SOC 2 reports – unique to each organization – provide a company’s external stakeholder groups with important information about how that company manages its services and customer data. There are two types of SOC reports: 

• Type I, which EMnify completed in November, describes a company’s systems and whether their design is suitable to meet relevant trust principles.  
• Type II, which EMnify completed in January, details the operational effectiveness of those systems over the audit period. 

Martin Giess, EMnify CTO and Co-Founder, comments: “Achieving SOC 2 certification is a significant milestone in EMnify’s company history, and a valuable independent assessment of our information security practices. We are happy to assure our customers and all our stakeholders that working with EMnify means working with a security-first provider.”  

What Does Compliance Mean? 

By achieving SOC 2 Type II compliance, EMnify has demonstrated its organization, systems and processes are designed to keep customers’ sensitive data secure and to successfully deliver its service to customers. Prospective customers seeking a provider like EMnify, will find that SOC 2 Type II is the most useful certification when considering a possible service provider’s security credentials.

EMnify will remain a security-first communication platform provider for IoT and will continue to take this certification very seriously.  

SOC 2 general information 

A clean SOC 2 report is provided by external auditors after a formal SOC 2 examination process. Based on the systems and processes which a company has in place, the auditors analyze and assess to what extent a company complies with the below five “trust principles.” Which of the principles are included in the scope of the examination depends on each organization and its services. 

Five Trust Principles: 

• Security: Protection of system resources against unauthorized access. 
• Availability: Accessibility of the system, products or services as stipulated by a contract or SLA. Monitoring network performance and availability, and security incident handling are critical. 
• Processing integrity: Does a system achieve its purpose? I.e. deliver the right data at the right price at the right time. 
• Confidentiality: Data is considered confidential if its access and disclosure is restricted to a specified set of persons or organizations.
• Privacy: Collecting, using, disclosing and disposing of personal information in accordance with company privacy notice. 

For more information on what the SOC 2 examination entails and what purpose it serves, please visit the AICPA website.  

EMnify customers that would like to receive more detailed information can reach out to their customer success representatives.