SOC 2 Type I and II, SOC 3 Attestation Confirms Strong Security, Confidentiality, and Availability Controls
Denver, CO (August 12, 2024)—Today, Mersive Technologies announced the company’s latest System and Organization Controls (SOC) 2 and SOC 3 reports, each stating that management of Mersive Technologies maintained effective controls over the security, confidentiality, and availability of its wireless collaboration and sharing solution.
The reports were issued by BARR Advisory, P.A., a global cybersecurity consulting and compliance attestation firm that has served as a trusted advisor to hundreds of cloud-based and hybrid organizations aiming to build trust and resilience through cybersecurity compliance.
A SOC 2 report is designed to meet the needs of existing or potential customers who need assurance about the effectiveness of controls used by the service organization to process customers’ information. A SOC 3 report is similar in scope but is shorter and allows for more general distribution.
“We are pleased that our SOC 2 and SOC 3 reports have shown we have the appropriate controls in place to mitigate risks related to security, confidentiality, and availability, along with HIPAA Security Rule requirements,” said Alan Young, Mersive’s Chief Product Officer and CISO. “We hope that achieving these milestones inspires confidence and assures our customers and partners that we view data security as a top priority.”
The following principles and related criteria have been developed by the American Institute of CPAs (AICPA) for use by practitioners in the performance of trust services engagements:
- Security: The system is protected against unauthorized access (both physical and logical).
- Availability: The system is available for operation and use as committed or agreed.
- Processing Integrity: System processing is complete, valid, accurate, timely, and authorized to meet the entity’s objectives.
- Confidentiality: Information designated as confidential is protected as committed or agreed.
- Privacy: Personal information is collected, used, retained, disclosed, and disposed of to meet the entity’s objectives.
- HIPAA Security Rule Requirements: The system is compliant with the applicable HIPAA Security Rule requirements set forth in the U.S. Department of Health and Human Services’ (HHS) Health Information Portability and Accountability Act.
Based on one or more of these criteria, SOC 2 reports provide valuable information that existing and potential customers of the service organization need to assess and address the risks associated with an outsourced service.
SOC 3 reports are public-facing reports for general use that communicate that an organization’s controls are properly designed, implemented, and operating effectively.
“This SOC 2 report affirms that Mersive has successfully managed the controls in place over the selected trust services criteria developed by the American Institute of CPAs (AICPA) for effective data management,” said Julie Mungai, senior manager of attest services at BARR Advisory. “Congratulations to the Mersive team on once again cementing its commitment to cybersecurity best practices.”
Current and prospective customers interested in a copy of Mersive’s SOC 2 or SOC 3 reports may contact sales@mersive.com.
About Mersive Technologies
Mersive Technologies provides solutions that allow people to connect and collaborate more effectively. The company’s flagship product, Solstice, is a software-based platform that enables users to share content from any device to any display in a meeting room, huddle space, or classroom. For more information, visit www.mersive.com.
About BARR Advisory
BARR Advisory is a cloud-based security and compliance solutions provider specializing in cybersecurity consulting and compliance for companies with high-value information in cloud environments like AWS, Microsoft Azure, and Google Cloud Platform. A trusted advisor to some of the fastest growing cloud-based organizations around the globe, BARR simplifies compliance across multiple regulatory and customer requirements in highly regulated industries including technology, financial services, healthcare, and government.
###
Media Contact:
Krissy Rushing Tomlin, RISE Media Strategy
714.261.3030, krissy@risemediastrategy.com