I’m pleased to share that Censys has earned SOC 2 Type II certification. This certification reflects our commitment to continuously assess our solutions and tools in pursuit of a high standard of data security.
Service Organization Control (SOC) 2 Type II certification is a cybersecurity compliance framework that audits how well a cloud-based service provider handles sensitive information. The framework assesses the suitability of a company’s controls and their operational effectiveness, using five trust services criteria:
- Security
- Availability
- Processing Integrity
- Confidentiality
- Privacy
An independent auditing firm evaluated Censys from January 1, 2023 to July 31, 2023 and concluded in its report that Censys met certification requirements with no instances of non-compliance.
Unlike SOC 2 Type I certification, SOC 2 Type II audits an organization’s controls over a period of time, rather than a point in time, and assesses operational effectiveness.
The Value of SOC 2 Type II Certification
Earning SOC 2 Type II certification is important to Censys for a number of reasons. First and foremost, as a leading technology provider in the cybersecurity space, we always strive to adhere to the highest standards of data security and compliance. This year’s SOC 2 Type II report validates that we are doing just that.
Additionally, the certification:
Enhances Customer Trust and Credibility: SOC 2 Type II certification gives our customers third-party reassurance that when it comes to data security, we walk the walk. Customers can feel confident knowing that how we manage and protect client data has been independently judged to adhere to industry criteria.
Optimizes Our Internal Processes: Becoming SOC 2 Type II certified requires that organizations adopt a well-developed package of data security processes and procedures. In doing so, we can identify opportunities to improve how we work internally as well as gain a better understanding of our security posture.
Mitigates Risks and Improves Incident Preparedness: The process of preparing for SOC 2 Type II certification, as well as findings from the audit itself, further support Censys’ ability to mitigate risk. This exercise helps us identify new risks, which we are then able to take quick action to resolve.
Ensures We’re Meeting Regulatory Standards: Censys supports customers in dozens of countries around the world, which is why it’s important for us to understand and operate within regulatory environments within the U.S. and abroad. SOC 2 Type II certification validates us against those regulatory standards.
Increases Operational Efficiency: SOC 2 Type II compliance supports downstream operational efficiencies, including:
- Cost savings, by reducing the likelihood of a breach and its possible legal repercussions
- Scalability, resulting from SOC 2 Type II processes that support our ability to grow more rapidly while still maintaining data security and compliance
Censys maintains a firm commitment to data privacy and security. Our SOC 2 Type II certification is just one of a number of security exercises we engage in on an ongoing basis to ensure that we’re making every effort to protect our customers’ information.