Seattle based Soracom, a provider of a globally used IoT platform, has announced that it has successfully achieved SOC 2 Type 2 certification.
According to its own press release, Soracom demonstrates that its cloud-native network and connectivity solutions meet high security standards and ensure the confidentiality of sensitive data.
SOC 2 Type 2 is an auditing standard developed by the American Institute of Certified Public Accountants (AICPA). It evaluates how companies manage customer data based on five “Trust Service Principles“: security, availability, processing integrity, confidentiality, and privacy.
Achieving Type 2 compliance confirms that Soracom’s systems and controls have not only been designed to meet rigorous requirements but have also been tested over an extended period to verify their effectiveness.
The implementation and ongoing operation were assessed to ensure they meet the Trust Services Criteria. Soracom provides IoT connectivity and management solutions to over 20,000 customers worldwide and emphasizes that the certification is particularly relevant for companies with highly sensitive or business-critical IoT applications. The goal is to protect customer data and systems not just theoretically, but demonstrably in practice.
Soracom is not the only provider committed to verified security: other international IoT connectivity and platform providers such as Twilio (with its IoT division), Particle, and Losant have also successfully achieved SOC 2 Type 2 certification in recent years.
The reason is simple: more and more companies demand official proof from their service providers that not only technologies but also organizational processes and internal controls are regularly audited.
The certification itself is not an exclusive feature – but it signals to customers that the provider is continuously subjected to independent audits and does not leave security standards to chance. For all players in the IoT market, this is increasingly becoming a requirement rather than just a “nice-to-have.”
Summary: What is SOC 2?
- US auditing standard from the American Institute of Certified Public Accountants (AICPA)
- Evaluates: security, availability, processing integrity, confidentiality, privacy
- Type 1: Examines whether controls exist and are suitable at a specific point in time
- Type 2: Examines whether these controls are effectively operated over several months
SOC 2 is now considered the de facto standard for cloud and IT service providers to demonstrate to their customers: “Your data is demonstrably secure with us.”
User Review
( votes)
