Information Security

Oro, Inc., Aces SOC 2 Type II and PCI DSS Audits

Independent assessments affirm eCommerce pioneer’s
industry-leading security controls and processes 

Oro, Inc., the business application pioneer behind OroCommerce, the No.1 open-source B2B eCommerce solution, today announced the completion of its PCI DSS and SOC 2 Type II audits, both performed by KirkpatrickPrice. This attestation reaffirms Oro’s commitment to the highest standards of security and client services, validating the company’s airtight internal controls and processes around payment card data and personal consumer information.

“Many of Oro’s clients rely on their systems to process or store sensitive data and protect information,” said Joseph Kirkpatrick, President of KirkpatrickPrice. “As a result, Oro has implemented best practice controls demanded by their customers to address information security and compliance risks. Our third-party opinion validates these controls and the tests we perform provide assurance to Oro’s clients.”

The SOC 2 Type II audit provides an independent, third-party validation that Oro’s information security practices meet industry standards set by AICPA. The audit tested Oro’s non-financial reporting controls as they relate to security, availability, processing integrity, confidentiality, and privacy. KirkpatrickPrice also verified the suitability of the design and operating effectiveness of Oro’s controls to meet standards for these criteria.

The PCI DSS report verifies that Oro adheres to the Payment Card Industry Security Data Standard (PCI DSS), with all the proper internal controls and processes in place to deliver high quality services to its clients. KirkpatrickPrice’s experts examined the security of buyers’ payment information according to standards set by credit card companies and the Payment Card Industry Security Standards Council. The latest standards, set in March 2022, emphasize the importance of robust firewalls, multi-factor authentication, and adaptability, and ensure that companies adequately secure cardholder data against theft or unauthorized use.

Together, the two audits demonstrate that all Oro’s solutions — which include OroCommerce, OroMarketplace, OroCRM and OroPlatform — are built in compliance with industry standards and best practices, offering the resilient, secure, and flexible eCommerce ecosystem demanded by today’s B2B, B2C, and B2X merchants. With Oro’s unified open-source solutions, businesses get dependable security across all business processes — and with layered configuration, enterprise-grade encryption, and hourly backups and audit logs, Oro’s products also deliver robust compliance capabilities for B2B eCommerce brands.

“Data security and privacy are more important than ever, and the Oro team is working to give today’s B2B, B2C, and B2X sellers the robust infrastructure and completely dependable data security systems they need to operate in today’s challenging global digital commerce space,” said Yoav Kutner, CEO and co-founder of Oro. “Data security is vital to winning and retaining customers, and these results demonstrate our commitment to building robust tools to support merchants’ needs across the entire customer journey.”

Visit AITechPark for cutting-edge Tech Trends around AI, ML, Cybersecurity, along with AITech News, and timely updates from industry professionals!

Related posts

Truist names Whyte Chief Information Security Officer

PR Newswire

MajorKey Technologies Becomes US Atlassian Specialized Partner in ITSM

PR Newswire

Automox Named “Endpoint Security Solution Provider of the Year”

GlobeNewswire