
Alchemy Worx Is SOC 2 Type 2 Compliant: Here's Why That's Important

It’s with tremendous pleasure that we announce that Alchemy Worx received SOC 2 Type 2 certification on March 1, 2023.

SOC 2 Type 2 Compliance is awarded after a thorough audit conducted by an independent third-party firm and means we are compliant with the set of standards and criteria outlined by the American Institute of CPAs for managing customer data. Keeping our customers’ privileged information safe and secure has always been a top priority at Alchemy Worx, and now we have the documentation to prove it.

What is SOC 2 Type 2 Compliance?

Think of SOC 2 Type 2 compliance like a gasket on a pipe. It’s secured tightly around the pipe to prevent anything from leaking out. That’s exactly what SOC 2 compliance does, but instead of rubber, you have policies and procedures; and instead of water, you have sensitive data. 

Why Is It Important?

We’ve all received notifications at some point that our passwords have been involved in a data breach. Data breaches and cyber threats are very common in this day and age, so it’s essential to prioritize data protection. When it comes to a company’s commitment to this, the gold standard is adhering to SOC 2 policies.

What Does Compliance Look Like?

Achieving SOC 2 Type 2 compliance is all about getting policies in place and documenting them for transparency. We implemented controls and measures within the five SOC 2 areas: security, availability, processing integrity, confidentiality, and privacy. Here’s what that looks like:

  1. Security: Ensuring access to systems and data is restricted to authorized individuals, implementing data encryption, and securing access to any equipment housing customer data. 
  2. Availability: Making systems and services available and operational, and establishing procedures for incidents that may impact that. 
  3. Processing Integrity: Implementing controls to validate the accuracy and completeness of data processing, and making sure systems and processes operate with integrity.
  4. Confidentiality: Protecting sensitive information by preventing unauthorized access, disclosure, or use, and implementing confidentiality agreements with personnel or third parties.
  5. Privacy: Addressing concerns related to the collection, use, retention, disclosure, and disposal of personal information, while getting the appropriate consent and notification related to its collection.

 

If you have any questions regarding SOC 2 Type 2 compliance, our certification, or our data policies, please contact us today!