Jotform Enterprise now offers System and Organization Controls (SOC) 2 Type II-compliant servers and we’ve received our first SOC 2 Type II report from our independent auditor, Auditwerx. Protecting your data is our primary concern, which is why we consistently maintain the highest global security standards.
This recent achievement demonstrates our company’s commitment to maintaining processes, systems, and collaboration that prevent potential security breaches and respond to potential threats.
What is SOC 2 compliance?
Developed by the American Institute of CPAs (AICPA), the SOC 2 framework is an internationally recognized security compliance standard for Software-as-a-Service (SaaS) companies. Acquiring this credential demonstrates a company’s commitment to implementing and maintaining effective information security controls.
To achieve compliance, the organization had to pass a technical audit, which required independent verification that Jotform Enterprise has not only established, but also follows, strict information security policies and procedures encompassing the 5 Trust Services Principles (TSP) defined by the Assurance Services Executive Committee of the American Institute of Certified Public Accountants (AICPA). These principles are security, availability, processing integrity, confidentiality, and privacy.
Why is SOC 2 compliance so crucial for data security?
SOC 2 Type II compliance requires an extensive auditing and documentation process that ensures best practices are in place to prevent, detect, and repair any threat to data security. This process can take up to 12 months and ensures multiple layers of protection are set up to prevent and address threats.
Some of the SOC 2 Type II audit activities conducted to ensure the reliable delivery of services include
- Confirming the operational effectiveness of networks, hardware, and facilities used to deliver Jotform Enterprise services
- Testing procedures related to data security and data encryption
- Evaluating our software development processes, including managing changes to applications and databases
- Ensuring individuals who support the delivery of services to customers are properly vetted and trained
What does the SOC 2 Type II compliance report mean for Jotform Enterprise customers?
As a Jotform Enterprise customer, you can request to be provisioned in our SOC 2-compliant environment, which is great for HIPAA compliance and offers robust access controls for stored data, disclosure, and complete encryption. Selecting this option assures you that we have taken every opportunity to pressure-test our systems, procedures, and staff, so your data stays secure.
Through this effort, we have built the best practices of the SOC 2 framework into our daily operations. SOC 2 compliance provides an added layer of security and confidence, on top of our already existing security and data protection offerings, which include local data residency, HIPAA-friendly forms, and single sign-on integrations.
If you’re a Jotform Enterprise customer, please contact your account representative to receive a copy of the SOC 2 report. If you aren’t currently a Jotform Enterprise customer, please contact our team, and a representative will reach out to you with details.
For more information about Jotform’s SOC 2 features, you can watch this webinar: