by Anna Schmitt

Envoy is the only Visitor Management System to be SOC 2 certified

You need to protect what’s important to your business: your visitors, employees, intellectual property, physical office space. The technology you use to support these efforts should be the last thing you worry about being secure. As the only visitor management system to meet SOC 2 security standards, Envoy can give you the confidence to enhance your workplace security while continuing to provide an incredibly smooth, effortless experience for guests arriving at your front door.

SOC 2 was developed by the American Institute of CPAs (AICPA). It defines criteria for how companies should manage customer data, based on the five “trust service principles” of security, availability, processing integrity, confidentiality and privacy. Unlike other compliance regulations, SOC 2 reports are tailored to each company’s specific business practices. Each company designs its own controls to comply with one or more of the trust principles. Then, a independent third party audits the security practices and verifies the claims in the form of a SOC report.

There are two types of SOC reports:

  • Type I describes a company’s systems and whether their design is suitable to meet relevant trust principles. This is the type of SOC report that Envoy now holds.
  • Type II details the operational effectiveness of those systems. We are working toward obtaining our SOC Type II report before the end of the year.*

You may be wondering how this affects you, our customer. Here are a few ways our customers will benefit from our SOC 2, Type 1 security recognition.

  • Our SOC 2, Type 1 report validates that our security controls are appropriately designed to effectively mitigate risk. So you can feel confident in our team’s ability to maintain the security of your information.
  • You’ll know that security is at the forefront of our company priorities, with verifiable processes and controls throughout our day-to-day work—like always using 2-factor authentication, encrypting computers, logging administrator actions, tracking access grants using verified policies, and following repeatable processes for a consistent secure customer experience.
  • It’s now easier than ever to verify our security practices and make sure they measure up to your company’s needs. Upon request we will share our SOC 2, Type 1 report with you so you can see for yourself.
  • Part of SOC 2, Type 1 is the agreement to have ongoing audits of our security practices. So you’ll know that we are always up to date and keeping security in mind.

With Envoy, you can focus on enhancing the security of your office, knowing that you’re using a visitor management system with the best security practices in the industry.

*https://www.incapsula.com/web-application-security/soc-2-compliance.html