Security
An introduction to SOC 2
Finverity Team
All companies claim they “care about security”. But talk is cheap, so instead of talking, we act!
Finverity is now officially SOC 2 Type 2 certified. What does that mean? Let’s find out from our Chief Technology Officer, Oleg Levitsky.
What is SOC 2?
SOC 2 is a framework that provides standards for information security and offers a verified method for evaluating and certifying security infrastructure. In simple terms, it confirms we have gold-standard measures in place to protect our clients.
The security policies and practices for SOC 2 are organised around five criteria known as the Trust Service Criteria (TSC).
They are:
(CC) Security: protecting data from unauthorised access.
(A) Availability: ensuring data can be accessed when needed for business use.
(C) Confidentiality: restricting unauthorised access to systems and data.
(PI) Processing integrity: ensuring systems process data accurately and reliably.
(P) Privacy: protecting the rights of consumers and their data.
To attain our SOC 2 accreditation, we underwent a rigorous SOC 2 audit conducted by a third-party auditor, evaluating our security infrastructure against these five criteria.
What is important to understand is that this is not a one-off audit. The monitoring period is continuously revolving. Shoutout to Vanta for the awesome tech that allows us to audit our code and systems 24/7 to make sure they are compliant.
With the accreditation in hand, we can promptly showcase to clients (both existing and potential) that our security infrastructure meets a high, yet imperative, standard.
Why is it important to Finverity?
The process of getting SOC 2-ready has helped us implement a strong information security infrastructure. We have best practices and safeguards to lower the risk of a data breach and the expensive consequences that accompany it.
According to IBM Security, the average cost of a data breach is $4.45 million. This includes costs like additional compensation for employees addressing the breach, fines or penalties, and the revenue loss resulting from customers opting to switch systems.
This is significantly higher for banks and non-bank financial institutions. If it’s top of mind for our clients, it’s top of mind for us!
Why should our clients care?
Transparent Security:
We are under 24/7 monitoring via automated systems to maintain our SOC 2 Type 2 certification. If we slip, you’ll know!
Easy onboarding:
The absence of a SOC 2 certification turns the onboarding process into a nightmare for procurement teams. Finverity has been and always will be quick and easy to onboard and implement.
Accountability:
Detailed audit trails, data permissions and privacy are core to any financial institution. As such, they’re core for us!