Enplug Achieves SOC 2 Type 2 Compliance
At Enplug, we’re dedicated to helping our customers build secure digital signage networks. As a result, we’re proud to lead the digital signage industry when it comes to security processes and compliance. Today, we’re excited to share proof of our commitment to security by announcing the successful completion of a Service Organization Control (SOC) 2 Type 2 audit.
What is SOC 2 compliance?
Enplug’s SOC 2 Type 2 and SOC 3 reports conclude an intensive six-month audit conducted by Coalfire, a cybersecurity risk management and compliance consultancy firm. Coalfire assessed Enplug and its software, providing independent validation of the design and effectiveness of Enplug’s data protection controls.
SOC 2 Type 1 and Type 2 audits are similar in what they measure, with the latter being more comprehensive. Since security processes are core to the Enplug platform, we committed to a Type 2 audit which objectively assessed our performance against key trust factors over a period of six months, instead of just a single point in time.
Why SOC 2 compliance matters
Compliance is particularly important to the digital signage industry as many signage networks include hundreds or thousands of endpoints, all of which are managed remotely. The information that is shared across these networks is often proprietary and frequently only intended for an internal audience.
Furthermore, signage networks form part of a larger IT architecture that is central to the successful day-to-day operations of an enterprise. In this context, proactively addressing potential threats is critical for protecting the interests of enterprises using digital signage.
How SOC 2 compliance positions Enplug as a digital signage software leader
While many digital signage software vendors talk about the importance of security, Enplug is now among the very few willing to submit to rigorous outside evaluation of those security claims.
SOC 2 Type 2 compliance is not mandated for digital signage providers, but we chose to undergo the rigorous audit in order to build trust and transparency with our employees, partners and clients. Particularly for our enterprise clients, security is a top priority, and that makes it our responsibility to proactively address potential risks across the organization.
Enplug’s overall commitment to security
Enplug is committed to world-class security, even when specific security measures aren’t mandatory. In this regard, completion of the SOC 2 Type 2 audit underscores the many provisions Enplug has implemented to protect the interests of its organization and the privacy of its clients.
Additional features of Enplug that enable clients to manage their networks seamlessly and securely include:
- Servers hosted at Tier IV or III+, SSAE-16, PCI DSS, or ISO 27001 compliant facilities
- Encryption for all data at rest
- Isolated user permissions and custom user roles
- Recurring third-party API penetration testing
- Single Sign-On (SSO) via the SAML 2.0 protocol and Two-Factor Authentication (2FA) support
- Documented change management procedures
AV infrastructure is more critical than ever, given how the COVID-19 crisis distributed workforces almost overnight. Remote content management has gone from convenience to necessity for most organizations, and consequently AV network security is essential for these organizations to maintain business continuity. Security continues to be a top priority at Enplug, and we stand ready to help our customers manage through this challenging time.