Every day, threats to digitally-stored data grow in number and in complexity. With multiplying types of malware in today’s digital world, cloud-based software providers must build solutions with information security at their core. In order to protect customers and their sensitive data, software companies must be in a constant state of review of their products’ data security protocols.
Still, it is natural for any organization to have blindspots when it comes to its own offering. It’s why third-party organizations develop compliance certifications – to lay out an objective set of criteria for companies to meet in order to confirm that their products offer a certain level of data security.
The American Institute of Certified Public Accountants (AICPA) has developed perhaps the most sought after data security certification – the SOC 2 Type II. And, on November 17, 2022, CoreLogic/Next Gear Solutions officially earned this certification for its three SaaS-based offerings – DASH, MICA, and SettleAssist.
The SOC 2 Type I certification verifies that software manages customer data with the most advanced data security protocols. The SOC 2 Type II certification goes a step further, confirming that DASH, MICA, and SettleAssist not only have the most advanced protocols in place, but also that they are operationally effective. Examples are features and functionalities like password management, two-factor authentication, disaster recovery, process monitoring, and encryption (just to name a few).
The SOC 2 Type II certification process involves a stringent and time-intensive audit, which is always conducted by an AICPA-authorized third-party organization. CoreLogic/Next Gear worked with auditor Grant Thornton, who prepared CoreLogic/Next Gear to make all the product changes necessary to achieve SOC 2 Type II certification for DASH, MICA, and SettleAssist. These were process changes, technological changes, policy changes, documentation changes, programmatic changes, and more. It took nine months and multiple CoreLogic/Next Gear teams to get all three solutions up to standard.
Finally, CoreLogic obtained the AICPA’s final report on November 11, 2022, and the products were officially certified on November 17, 2022.
Pursuit of this endorsement came at the request of a customer, but CoreLogic/Next Gear teams are thrilled to announce this SOC 2 Type II status to all customers, prospects, and partners.
CoreLogic/Next Gear won’t rest on its laurels, though: remaining SOC 2 Type II certified requires annual audits. Currently, the company is in its second audit period, which will end on September 30, 2023.
Everyone involved in this tireless yet invaluable journey has learned a lot about data threats and security. The resounding takeaway, though?
There is no rest for the weary – or data security.