Security and Compliances
CEDCOSS compliance with SOC 2, ISO 27001 and GDPR
Our customers are spread across the world, which requires us to establish a strong security foundations based on industry standards, compliance, and regulations. Henceforth Cedcoss and its Verticals i.e Cedcommerce, MakeWebBetter, Magenative, WPSwings adhere to SOC 2 (used widely in the United States) and GDPR (an EU legislation and a gold standard for Data Privacy), along with ISO 27001, to ensure that we have the right indicators for our customers to trust us with their data and processes.
Compliance certifications and regulations
The predominant compliance standard used across the US, SOC 2 compliance is part of the American Institute of CPAs’ Service Organization Control reporting platform. Its intent is to ensure the safety and privacy of our customer’s data. It outlines five trust service principles of security, availability, processing integrity, confidentiality, and privacy of customer data as a framework for safeguarding data.
This internationally recognized standard calls for an Information Security Management System (ISMS) in an organization. Such a system ensures that information processed within the organization can be appropriately administered.
We operate through an opt-in model for information acquisition, which means that whenever we process your information, we ask for your consent to do so. You can withdraw your consent anytime you want. GDPR is an EU legislation that provides privacy protection guidelines for organizations operating in the EU.
Our commitment towards compliance?
Information security and privacy is the inherent part of Cedcoss values . To optimize our Infosec compliances, we have automated our compliance processes so that they can run on auto-pilot and we can ensure compliance 365X24X7.
- An automated GRC platform to manage compliances with all three standards under the guidance of our 3rd party compliance vendor .
- Our security posture is being regularly reassessed and aligned with these standards.
- We have centralized all our compliance-related artifacts and tasks on the platform for SOC 2 and ISO 27001 and GDPR.
- We have all the Infosec policies in place to adhere to these protocols
- We have made infosec training a compulsory part of onboarding for new resources.
- A tried and tested framework in place to identify and mitigate potential slippages in real-time.
What do these compliances mean for our customers?
These compliances fortify our commitment to Information Security and Data Privacy and assure our customers, partners, and vendors that we adhere to secure infosec practices across the board.
This also means that we take proactive measures to protect any data residing with us, and you, as our customers, can sit back and relax because your data is in safe hands.
For detailed information on our security posture click here
Email Contact – firstname.lastname@example.org