Gable is SOC 2 Type II Compliant
We are proud to share that Gable has officially achieved SOC 2 Type II compliance. This means that our data protection practices have been audited and validated to ensure our services are secure, available, and confidential.
What is SOC 2 compliance?
SOC 2 is a voluntary security standard specifically designed for companies offering cloud-based products, with a focus on how those companies handle and protect customer data. The guidelines for SOC 2 compliance are established by the American Institute of Certified Public Accountants (AICPA).
Why did Gable pursue SOC 2 compliance?
For cloud-based software companies, any cyber attack, data breach, or ransom attack could expose highly secure client data. At Gable, one of our company’s values is being “customer obsessed.” This extends to how we treat our security and data, ensuring that we protect our services from anything that would impact our clients.
Being SOC 2 compliant allows us to demonstrate our commitment to data security to our customers, partners, and any other stakeholders we work with. It serves as third-party validation that we meet the universally-recognized benchmark for information security. Moreover, it assures our customers and partners that we have implemented the highest level of information security policies, controls, and practices, earning their trust.
How does a company pass a SOC 2 audit?
Our audit delved into three key trust services criteria:
- Security
- Confidentiality
- Privacy
Multiple tests were conducted to guarantee the correct implementation and operating effectiveness of our controls. We worked with Scytale to customize the suited controls to fit Gable's infrastructure, data, processes, personnel, and software. Controls were implemented pertaining to:
- Cloud infrastructure security
- Information security risk management
- Accounting of PII (Personal Identifiable Information)
- Device security management
- SDLC Change Management
- Asset management
- Multi-factor authentication
- User access review
- Threat detection
- Change management procedures
- Data encryption and more
What does this mean for Gable customers?
Gable customers now have another layer of reassurance that any data of theirs that lives in our systems is secure, confidential, and private. We regularly work with compliance and legal teams, as the safety of employee and client data is something any vendor you work with should make a priority.
Compliance and security protocols are an ongoing commitment. Beyond our SOC 2 audit, we will continue to update our policies and procedures, monitor our security systems, and prioritize information security to ensure we provide the best experience for our customers.
Please reach out to our support team if you have any questions about our security practices or would like more information.