Infigo IS is now SOC 2 Type 1 compliant
From day one, Infigo IS has been dedicated to security, whether it is security assessment, consulting, application development such as Infigo SIEM, or entering the MSSP arena. And in those more than 15 years, user data has always been our number one priority.
To justify the trust of customers, we are always chasing more certificates, whether vendor or industry wide, and this time we have decided to become compliant with SOC 2 Type 1.
SOC 2 (Service Organization Control) Type 1 is conducted by an independent audit and delivers a compliance report (some say certificate, but that is not correct); this compliance is based on the Trust Services Criteria and serves to achieve trust between Infigo IS and clients' data we process.
The SOC 2 reports address one or more key categories, and the one that Infigo IS has focused on is, of course, security. The services under the scope are those that fall under our Managed Security Services Provider (MSSP) offering and FRAML (FRaud and Anti-Money Laundering) services.
SOC 2 Type 1 looks at the implementation of best practices in terms of infrastructure, software, data, people, and procedures, and it is quite demanding to achieve – so far only one other Croatian company has had it.
With ISO 9001, 27001, 22301, a myriad of vendor certificates, and a SOC 2 Type 1, Infigo IS is positioned as an equal member of the global security community.