At ManageXR, information security is a top priority and we understand that it is critical to all users of our platform. To that end, we recently were awarded a SOC 2 Type 2 certification!
SOC 2 certification is more than just a piece of paper. It’s a constant commitment to our customers, and it shows that we walk the walk when it comes to IT security and privacy.
What is SOC 2?
SOC 2 is an auditing procedure that ensures ManageXR is secure and our customer data is protected. It defines criteria for managing customer data based on “trust service principles” – security, availability, processing integrity, confidentiality and privacy. Our operations, risk assessment processes, information and communication practices, monitoring, and control activities were evaluated by an accredited third-party and met the standard for SOC 2 certification.
In short, the SOC 2 certification asserts that we are following industry standards and best practices to ensure that:
- Our systems and data are securely managed
- Our customer data is private
- Our organization is protected
ManageXR protects customer data
ManageXR uses several measures to protect customer data and to secure our system. We safeguard our technical infrastructure, software and data with:
- Access controls in order to prevent access to sensitive assets by unauthorized personnel.
- State of the art encryption to make sure customer data is protected.
- Network & application firewalls that prevent unauthorized access and security breaches via common attack vectors.
- Intrusion detection systems to monitor for and respond immediately to potentially malicious actions in our system.
- Critical backups to restore data in the event of major issues or outages.
- Business continuity & disaster recovery planning to make sure we are ready to respond to all types of threats.
- Documented security incident handling processes so that we can swiftly respond to incidents.
Further, ManageXR uses industry best practice to secure our people, processes policies and procedures. For example, we execute secure onboarding and offboarding of employees, and secure provisioning and deprovisioning of our devices.
The ManageXR system is secure
ManageXR establishes operational requirements that meet industry standard security commitments, laws, and regulations. These requirements are communicated in ManageXR’s system policies and procedures, system design documentation, and contracts with customers.
Information security policies define our organization-wide approach to how systems and data are protected. These policies include:
- Design and development of our service
- System operation
- Management of internal business systems and networks
- Employee hiring and training