Eskuad is Now SOC 2 Type II Compliant.

Our commitment to data security and protection of our customers, continues.


Eskuad’s Commitment to the Highest Levels of Security Possible 

Following our achievement of SOC type I compliance in March 2024, Eskuad has now achieved the SOC 2 type II compliance, given by The American Institute of Certified Public Accountants (AICPA). The report covers IT general aspects while providing assurance over controlled environments related to data availability, confidentiality, processing, retrieval, security, storage, and transfer.

 

What is SOC 2 Type II & Why is it important?

SOC 2 or Service Organization Controls 2 is a framework that is governed by the American Institute of Certified Public Accountants (AICPA). With a SOC 2 type II audit, an independent service auditor will review an organization’s policies, procedures, and evidence to determine if their controls are designed and operating effectively. This report communicates a company’s commitment to data security and protection of customer information.  

 

Optimizing all security aspects of our organization 

SOC 2 compliance exemplifies an organization’s commitment to their customer’s trust and is a major milestone towards improving their overall security posture. With increasing cybersecurity threats and data breaches, it is paramount that organizations prioritize information security and the protection of their systems and data. By undergoing a SOC 2 type II audit, our controls and processes were validated by a third-party who attests to the functioning of the controls relevant to our application. 

Why we pursued SOC Type II 2 now

As the most flexible field data platform in the market today, Eskuad is committed to seek the highest levels of security and compliance for its operations, as well as to ensure the integrity of all of our customer’s data in order to retribute the trust that over 300 organizations around the world have deposited in us and our team. By receiving the SOC 2 compliance, we match that commitment with actions that evidence our dedication and the security posture Eskuad maintains day to day.

SOC 2 compliance is an integral step in proving to customers, stakeholders, and interested parties that our organization values their trust and has effectively implemented security controls. At our company’s stage, we realized that it was an ideal time to pursue this as it is important to protect data and mitigate potential security risks early and on an ongoing basis. 

 

Eskuad’s journey to SOC 2 compliance

Compliance Partners  

  • Vanta 

We partnered with Vanta, the leader in the Trust Management space, to help us automate the collection of our audit evidence. Vanta provides us with the strongest security foundation to protect our customer data.

  • Advantage Partners 

Our audit firm, Advantage Partners, was extremely helpful in creating a seamless audit experience. With their guidance and support, we were able to achieve SOC 2 compliance in a swift, efficient manner. 

Process 

While SOC 2 can be a big undertaking, our compliance partners streamlined the process. We leveraged Vanta to integrate our key systems and guide us in quickly implementing policies and procedures to become audit-ready. Vanta gave us the direction we needed to pursue our compliance journey. 

Advantage Partners then confirmed our audit readiness, and we kicked off our Type II audit. For the audit, Advantage evaluated the controls we have in place and opined on their state. Shortly after our audit window ended, Advantage Partners drafted and issued our report. 

Timeline 

One key takeaway is understanding that improving our security posture and achieving compliance is a monumental task. This can be made easier with the right compliance partners but it will take dedicated focus and time from your organization. The readiness period can take the most time but we were able to make compliance a priority to get audit ready in a matter of weeks versus months. 

We also found it important to review the audit timeline with Advantage Partners, set an ideal audit date, and then work backward to be ready in time. However, now that controls are implemented and security is a priority for our team, subsequent SOC 2 audits will be even more seamless. 

 

 

Lessons we learned 

help-illustration_2

Improving security and achieving compliance can help scale your business 

  • Vendor security reviews are highly requested in sales cycles, and SOC 2 type II can help unblock that business. 
  • Mitigating risk early will protect your business and earn the trust of prospects and customers. 

 

Knowing your stakeholders in the compliance process 

  • Deciding which internal stakeholders are needed for policies, procedures, and engineering tasks. 
  • Your entire organization will be involved in improving security and adhering to procedures. 

 

The right partners are key 

  • Finding a tool to guide you through the process. 
  • Partnering with an audit firm that is dedicated to your success. 

 

“Achieving the SOC 2 type II compliance is yet another milestone in Eskuad’s continuous commitment to ensure the wellbeing of all of its customers' data while operating with the highest standards of security possible in our quest to make the complexity of fieldwork as simple as possible”.

Similar posts

Get notified

Sign up for our newsletter to learn about Eskuad´s new features, updates, and exciting industry trends.

Subscribe Here!