Ducen announces the successful completion of its SOC 1 Type I compliance. This attestation shows the company’s commitment to protecting their customers’ data and providing them with the reassurance, transparency, and peace of mind needed to be able to focus on growing the business.
“Security has become a mission-critical top 3 priority for all businesses. I’m extremely grateful and proud of our compliance and infra team members for their contributions and support throughout this rigorous process. Security starts with what you buy, and who you partner with. Securing a SOC 1 Type I attestation provides Ducen’s clients and partners a strong level of confidence that their data is being handled securely and safely, with stringent security controls implemented across the entire organization,” George Alifragis, COO of Emerging Markets at Ducen, emphasized.
The 12-week audit conducted by a third-party CPA firm covered all aspects of security—from information and physical security to risk and incident management—to ensure that the organization is well equipped to defend against data breaches and attacks.
“Nothing is more important to Ducen than keeping our customer’s trust intact,” Don Bristow, Chief Consulting & Compliance Officer at Ducen, said. “Proactively securing all parts of the organization to safeguard and protect customer data is not taken lightly. It’s our responsibility to ensure we keep up with the latest security controls to foster trust, transparency, and collaboration with our client partners.”
Developed by the American Institute of CPAs (AICPA), the Service Organization Control (SOC) 1 Type I compliance aims to attest a service organization’s system, which includes the nature of services provided and the state of any relevant controls.
This accreditation has further enhanced Ducen’s security and cyber resilience throughout all parts of the organization and builds upon its existing ISO 9001, ISO 27001, CMMI V1.3, and HIPAA standards. To provide extra layers of protection, Ducen is already gearing up to further invest in its security posture in addition to completing the ISO 27034 certification in early 2022. This will strengthen the organization’s security controls as they continue to develop critical software, applications, and insights for security-conscious clients.