Achieves SOC 2(R) Compliance Enterprise customers increasingly requiring vendors to maintain SOC Type II to demonstrate compliance, data privacy
Vancouver, British Columbia--(Newsfile Corp. - October 19, 2021) - Plurilock Security Inc. (TSXV: PLUR) (OTCQB: PLCKF) and related subsidiaries ("Plurilock" or the "Company"), an identity-centric cybersecurity solutions provider for workforces, has completed a SOC 2® assessment, successfully demonstrating the organization has effective controls in place for its cybersecurity solutions, business operations procedures, and technical infrastructure.
Standards for SOC Type II are set by the American Institute of Certified Public Accountants (AICPA), a member association representing the accounting profession.1 SOC Type II compliance is demonstrated following the completion of an examination that focuses on five trust service principles of security, including confidentiality, security, availability, processing integrity, and the privacy of customer data.2
The Company received the results of the SOC Type II report following an assessment period conducted by security and compliance firm BARR Advisory, P.A., from June 1, 2021 to August 31, 2021.
SOC Type II is a standard with widespread adoption within the larger business community and financial vertical, resulting in increased credibility for solution providers that receive the certification.
During the assessment period, the firm reviewed access controls to Plurilock's systems, including its ADAPT and DEFEND continuous authentication products, as well as the operating effectiveness of its infrastructure and internal and external controls. By meeting the SOC Type II compliance standard, the Company has demonstrated that there are controls and policies in place that mitigate risk as well as provide business continuity and customer assurance that systems and data will be protected.
In addition, SOC Type II compliance validates Plurilock's role as a reliable and trusted third-party vendor for enterprise organizations within government, finance, healthcare, and education verticals, at a time where recent statistics show that 51% of organizations have experienced a data breach caused by a third-party.3 Further, the Company has committed to only working with third-party vendors that also maintain SOC Type II compliance or equivalent controls. Plurilock utilizes Amazon Web Services, further reducing risk by benefiting from their strong infrastructure controls.
"It is paramount to maintain our clients' trust and demonstrating our SOC Type II compliance with this report affirms that their data and key resources are secured without compromising business continuity," said Ian L. Paterson, CEO of Plurilock. "This assessment is part of our ongoing efforts to provide top-notch cybersecurity continuous authentication solutions that are credible and well-recognized in the industry."
Plurilock's ADAPT solution provides multi-factor authentication for login or credential workflows, providing an additional, invisible authentication factor using behavioral biometrics, while reducing two-factor authentication (2FA) prompts. Plurilock's DEFEND product is a continuous authentication platform that offers identity assurance and compromise detection, alerting IT security personnel to potential threats in real time.
Any negative findings noted in the report were mitigated during the observation period with the firm and there are no outstanding mitigations. Plurilock will revisit the SOC Type II compliance process on a yearly basis.