Last week, Itential announced the general availability of our cloud-native network automation solution, designed to help reduce the operational burden for enterprises and accelerate their network automation initiatives. In order to make this full managed service offering easier to adopt, I am thrilled to share that the Itential Automation Platform is now SOC 2 Type 1 certified. This certification is a key milestone for our company, and one that helps ensure we are protecting your data, while helping you automate every aspect of your network.
So why does this matter? I’ll share more on the importance and need of SOC 2 as well as the steps we followed to obtain the SOC 2 Type 1 certification.
What is SOC 2?
SOC 2 is an audit conducted by certified third-party auditors who check an organization against five trust criteria. SOC 2 compliance is considered the Gold Standard for security compliance for cloud-native applications. This audit process and certification is developed by the American Institute of CPAs (AICPA).
As per ISACA, “The AICPA has recognized the need for a solid system of internal processes and controls, including monitoring and reporting… broader entity-level controls around management oversight and risk management processes, and other technical controls to specifically address cybersecurity risks.”
Why Did Itential Complete the SOC 2 Audit?
Itential’s enterprise network automation platform can now be provided as a cloud-based SaaS solution. Our intelligent automations connect your entire network and carry your data throughout. Even though we don’t persist any data, our clients trust us with the sensitive data that flows through our systems so they can have the most reliable and secure network possible.
Since these network automations accelerate the most important use cases and network processes critical to your business, the SOC 2 certification makes your life easier by reducing the effort required to audit the Itential Automation Platform before you purchase it, or even trial it in your environment. This certification means that Itential follows industry-standard security compliance for your data, network, and cloud infrastructure.
How We Did it
Obtaining SOC 2 certification means ensuring each employee, as well as each piece of infrastructure, adheres to the criteria set forth by the AICPA.
The Itential Team
Secure processes and secure technology start with secure business operations. All Itential personnel completed online training modules focused on security concepts, threats, best practices, and protocols. Each employee was then responsible for ensuring that their work machines and system accounts (email, GitLab, AWS, etc.) were protected using antivirus software, password management systems, and multi-factor authentication.
Finally, each Itential employee reviewed and agreed to Itential’s updated company policies and procedures focused on information security and data privacy.
The Infrastructure
Securing the infrastructure of our production environment is a critical aspect of the SOC 2 certification. Access control is of utmost importance, and no environment should ever be susceptible to unauthorized access. To protect our production environment and infrastructure machines, Itential utilizes vulnerability monitoring solutions from Vanta, Qualys, and AWS. After securing the environment, the next focus area was code-level security. Multi-factor authentication is enabled and enforced via systems like Okta, GitLab, Keycloak, and AWS.
Lastly, we must ensure secure communication channels. Itential personnel use a combination of O365, Slack, and Box with multi-factor authentication and secure transmission functionality.
Committed to Consistency
Security is not a one-off activity; constant action, persistence, and consistency is key to secure business operations. Itential is committed to offering a secure enterprise automation platform for all our customers. We not only process your data securely and with integrity, but we also maintain security throughout. This SOC 2 certification vouches for all the efforts we take to secure customer data, and our consistency in this area will be audited and proven as we work to achieve our SOC 2 Type 2 certification.
Try the Itential Automation Platform Today
Our newly SOC 2 certified Itential Automation Platform makes it even easier for enterprise organizations to maintain network compliance, reduce manual operations, and simplify network management associated with automating physical and cloud network infrastructure. Our low-code, cloud-native network automation platform integrates with 100+ systems to allow freedom and flexibility of choice.
If you’re interested in a trial of our Itential Automation Platform, you can get started by requesting a free 30 day trial today or reach out to our automation experts to set up your custom demo.