Propelo, the leading engineering excellence program, recently obtained the SOC-2 Type II certification. Undergoing an extensive certification process, the company demonstrated reasonable assurances that it met all service commitments and system-level requirements under the Trust Service Principles and Criteria framework developed by the American Institute of Certified Public Accountants (AICPA).
SOC 2 Type II is a security framework that specifies how organizations should protect customer data from unauthorized access, security incidents, and other vulnerabilities. Organizational compliance is determined through a series of tests, reporting, and independent audits over six months to a year.
Read : Global Fintech Interview with Mark Fidelman, Chief Executive Officer at SmartBlocks
Armanino, an independent auditor and one of the top 25 largest accounting, consulting, and technology firms, facilitated the process to evaluate Propelo based on many individual requirements and operational controls, including:
- Structural and operational integrity of service-level controls
- Functionality and suitability of the platform
- Operational effectiveness
- Protocols and security measures
- Access control and confidentiality
- Data integrity and accuracy
- How well is sensitive data stored, handled, and transmitted
In contending for industry-leading certification, meticulous auditing procedures verified that Propelo met the Trust Services Principles (TSP) of security, availability, and confidentiality.
Propelo’s SOC2 Type II certification reinforces its secure, multi-tenant architecture available to all enterprise-level clients. Propelo doesn’t extract and store data directly from the source; it only obtains metadata from DevOps tools. Enterprises also have complete control over which metadata can be pulled and analyzed. Finally, all data is encrypted, both at rest and in transit.
“Propelo is built using ‘Secure by Design’ principles to empower employees and security teams while maintaining the security and confidentiality of our customer’s data,” said Megha Tamvada, VP of Products at Propelo.
“SOC 2 Type II observes controls over a longer period, demonstrating a consistent security posture rather than at just a specific point in time,” he continues. “Propelo makes all efforts to prioritize information security, availability, and confidentiality.”
Propelo’s SaaS platform is hosted within the Google Cloud Platform. Through Role-Based Access Controls (RBAC), Propelo clients can restrict access to specific metrics, dashboards, and datasets. And apply access policies across organizational boundaries, levels of the corporate hierarchy, job function, and team definitions.
Read:Â Global Fintech Interview with Jitin Bhasin, Founder & CEO at SaveIN
[To share your insights with us, please write to sghosh@martechseries.com]
