Third-party Auditors Confirm the Company’s Security Best Practices, Reaffirming Baffle’s Commitment to Partners and Customers
Baffle, the easiest way to protect sensitive data, today announced its successful completion of a System and Organization Controls (SOC) 2 certification examination resulting in a CPA’s report stating that management of Baffle maintained effective controls over the security, availability, processing integrity, confidentiality, and privacy (AICPA, Trust Services Criteria) of the Baffle Platform.
The recent SOC 2 Type II report performed by independent audit firm, MJD Advisors, provides third-party validation of Baffle’s focus on privacy and security in data management. Following the in-depth review of the company’s software development practices, Baffle achieved SOC 2 Type II compliance in November 2023. The SOC 2 report is designed to meet the needs of existing or potential customers who require assurance about the effectiveness of controls used by the company to develop software that safeguards customers’ information.
“Baffle is committed to protecting sensitive data and this applies to not only the platform we provide our customers but also how we manage the data we collect,” said Ameesh Divatia, founder and CEO, Baffle. “Our achievement of the SOC 2 Type 2 attestation not only validates our ongoing dedication to operational excellence, but also assures our customers and partners of our capability to handle sensitive data with utmost care.”
Baffle was evaluated using the following principles and related criteria that has been developed by the American Institute of CPAs (AICPA) for use by practitioners in the performance of trust services engagements:
- Security: The system is protected against unauthorized access (both physical and logical).
- Availability: The system is available for operation and use as committed or agreed.
- Processing Integrity: System processing is complete, valid, accurate, timely, and authorized to meet the entity’s objectives.
- Confidentiality: Information designated as confidential is protected as committed or agreed.
- Privacy: Personal information is collected, used, retained, disclosed, and disposed of to meet the entity’s objectives.
Visit AITechPark for cutting-edge Tech Trends around AI, ML, Cybersecurity, along with AITech News, and timely updates from industry professionals!
