Luminate Security, provider of the first universal platform for secure access to corporate applications in hybrid clouds, today announced the completion of a stringent AICPA audit to obtain the SOC 2 Type II certification, and become the first secured access cloud service provider to achieve four audited controls.
SOC 2 is the officially recognized auditing standard for service organizations demonstrating adequate controls and processes. A SOC 2 Type II certification indicates that an independent accounting and auditing firm has examined the organization’s control objectives and activities, and has tested them to ensure their effective operation.
Luminate implemented controls and went through auditing for four principles of security, availability, processing integrity, confidentiality and most importantly privacy.
“Companies undergo digital transformation, they are expanding collaborations with partners and contractors, and they need to support an endless number of devices and locations. In this reality, CISOs understand the importance of Luminate’s secured access to cloud-hosted corporate applications,” said Luminate CTO Leonid Belkind. “They know core infrastructure service must be secure, scalable and reliable. Luminate invested heavily from day one across software, operational processes and staff to ensure our service delivers on all of these fronts. Our compliance with the most stringent SOC 2 certification is the most recent validation of that strategy.”
The privacy chapter of the report positions Luminate as GDPR ready, confirming that Luminate’s platform complies with the privacy principles in the delivery of service to its customers. In addition, Luminate’s Secure Access Cloud™ platform provides organizations with the GDPR-requested measures of data access visibility and governance. It addresses the GDPR requirements prompting the critical need for governing sensitive data, including the manageability and traceability of actions taken against data. Luminate’s full audit trail of application usages provides a strong foundation for GDPR compliance while reducing overall data attack surface and customer risk.