One of the most important requirements when deciding to work with a vendor is the importance of security, confidentiality, and availability. Today, we are excited to share the news that WillowTree is SOC2 Type ll certified!
Our Commitment to Security
At WillowTree, we continue to invest in security and software security best practices to ensure the products we create for you are safe, secure and meet regulated standards. Our commitment to SOC2 will continue to push WillowTree with continuous auditing, adjustments of our processes and the technical controls needed to enforce those changes.
What Is SOC?
Service Organization and Controls (SOC) are assurance reports which provide an industry-wide acceptance that a company adheres to trust service principles. These principles, set by the American Institute of Certified Public Accountants (AICPA), are security, availability, processing integrity, confidentiality, and privacy. The SOC 2 Report specifically addresses one or more of the following five key system attributes:
Security — The system is protected against unauthorized access (both physical and logical).
Availability — The system is available for operation and use as committed or agreed.
Processing Integrity — System processing is complete, accurate, timely and authorized.
Confidentiality — Information designated as confidential is protected as committed or agreed.
Privacy — Personal information is collected, used, retained, disclosed and disposed of in conformity with the commitments in the entity’s privacy notice, and with criteria set forth in Generally Accepted Privacy Principles (GAPP) issued by the AICPA and Canadian Institute of Chartered Accountants.