Decodable Achieves GDPR Compliance, Receiving Industry Validation of Enterprise-Level Security

Decodable, the real-time data engineering company, announced that it has achieved GDPR compliance in accordance with AT-C 315, with criteria established by the American Institute of Certified Public Accountants. Decodable handles customer data with the highest standards for security and compliance, as is confirmed by this industry validation.

The audit was completed by Prescient Assurance, a leader in security and compliance attestation for B2B SaaS companies worldwide. Prescient Assurance is a registered public accounting firm in the US and Canada and provides risk management and assurance services, which include but are not limited to SOC 2, PCI, ISO, NIST, GDPR, CCPA, HIPAA and CSA STAR.

“It’s important that our customers know Decodable has secured the industry standards that demonstrate our commitment to properly handling the data in their care,” said Eric Sammer, founder and CEO of Decodable. “For that reason, we actively pursue respected attestations like SOC 2 Types I and II, and now GDPR. These standards and the rigorous audits they require are table stakes as we scale enterprise adoption of our streaming data platform.”

To see a copy of the Independent Service Auditor’s Report on Controls Relevant to GDPR Compliance for Decodable, and for more information on how Decodable manages security,

The Decodable Information Security Program complies with SOC 2 Types I and II and GDPR in accordance with AT-C 315. SOC 2 is a widely known information security auditing procedure created by the American Institute of Certified Public Accountants. The General Data Protection Regulation (GDPR) is the regulation in EU law on data protection and privacy in the European Union and European Economic Area.

Decodable undergoes independent third-party assessments to test its security and compliance controls. The company performs an independent third-party penetration test at least annually to ensure that the security posture of services remains uncompromised. Roles and responsibilities related to the security program and the protection of customer data are well defined and documented, and team members are required to review and accept all of the security policies.

Decodable data is hosted on Amazon Web Services (AWS), with databases and storage services located in the United States and encrypted at rest. Applications encrypt data in transit with TLS 1.2+. Access to cloud infrastructure and other sensitive tools is limited to authorized Decodable employees who require it for their roles. Where available, Decodable has Single Sign-on (SSO), 2-factor authentication (2FA) and strong password policies to ensure access to cloud services is protected. Decodable performs vulnerability scanning and actively monitors and logs various cloud services for threats. Employees complete security awareness training, and are required to complete background checks and accept an industry-standard confidentiality agreement.

SOURCE: PR Web