Announcing SOC 2 Type 2 for Inkle: We are ready! [2024]

At Inkle, we're dedicated to earning and maintaining the trust of our customers by providing and enabling top-notch security and data privacy in the domain of US tax automation and accounting.

That's why we're thrilled to share that we've achieved SOC 2 Type 2 Compliance.

This crucial milestone reflects our unwavering commitment to safeguarding your data. 

Through rigorous audits and thorough evaluations, we've ensured that your information is protected with the highest industry standards.

As our customers, you can now have even greater confidence that your data is managed in a secure, controlled, and audited environment. We're proud to set this standard and will continue to prioritise your security and privacy.

‍

What does SOC 2 Type 2 complaint mean?

SOC 2 Type 2 compliance is a certification that shows a company follows strict standards for managing and protecting customer data. This certification is awarded after an in-depth review of the company’s processes over a period of time. 

Here’s a simple breakdown:

1. Security and Privacy: It ensures that a company has robust systems in place to keep customer data safe from unauthorized access and breaches.
2. Continuous Monitoring: The company is evaluated over several months to verify that its data protection practices are not just in place but are consistently followed.

In essence, SOC 2 Type 2 compliance proves that a company is serious about maintaining high standards of data security and privacy, giving customers confidence that their information security is handled with the utmost care.

‍

What are the trust service criteria?

SOC 2 Type 2 compliance is built around five fundamental principles, often referred to as the Trust Services Criteria, set up by the American Institute of Certified Public Accountants (AICPA). 

These are:

1. Security: Ensures the system is protected against unauthorised access.
2. Availability: The system is available for operation & use as committed / agreed.
3. Processing Integrity: The system processing is complete, valid, accurate, timely, and authorised.
4. Confidentiality: The Information which is designated as confidential is protected as committed or agreed.
5. Privacy: Personal information is collected, used, retained, disclosed, and disposed of in conformity with the commitments in the entity’s privacy notice.

These principles collectively ensure that companies maintain high standards for managing and securing customer data.

‍

Who is AICPA?

SOC 2 Type 2 compliance is governed by the American Institute of Certified Public Accountants (AICPA). The AICPA sets the standards for this certification, making sure that companies adhere to best practices in data security and privacy. Their rigorous criteria help businesses demonstrate their commitment to protecting customer data with consistent and reliable processes.

‍

How is Inkle complaint?

Inkle is entirely compliant with the following three trust services criteria:

Security

At Inkle, we take the security of your data seriously throughout its entire lifecycle. Our platform is created with robust security system plus measures to prevent unauthorised access & protect against potential threats. This includes advanced solutions like endpoint protection and network monitoring to detect and stop any suspicious activities. 

Additionally, we ensure organisation-wide security by implementing comprehensive controls and governance practices. This means that your information is totally secured and maintained with the highest standards of integrity and confidentiality.

Availability

At Inkle, we ensure our systems are always up and running to meet your business needs and service agreements. While we don't set a specific performance level, we have measures in place to keep everything operating smoothly. 

This includes monitoring system performance, maintaining regular data backups, and having solid disaster recovery plans ready. Our objective is to ensure you can rely on Inkle to be available whenever you need it.

Confidentiality

At Inkle, we prioritise keeping your confidential information safe at every stage—from collection and processing to disposal. We follow strict guidelines, which may be set by laws, internal policies, or agreements with partners, to ensure this. 

Confidential information can range from personal details to trade secrets and intellectual property. To protect this data, we use advanced measures like encryption and identity and access management, ensuring that only authorised individual / personnel have access to sensitive information.

‍

Why is SOC 2 Type 2 compliance important for SaaS accounting platforms?

SOC 2 Type 2 compliance is crucial for these platforms because it shows they take data security and privacy seriously. Here are a few reasons why it matters:

• Trust and Credibility: When a platform is SOC 2 Type 2 compliant, it has undergone thorough evaluations and continuous monitoring, proving it can safeguard customer data. This builds trust and enhances credibility with clients.
• Data Protection: For platforms handling sensitive financial information, protecting against data breaches and unauthorised access is essential. SOC 2 Type 2 compliance ensures robust security measures are in place.
• Regulatory Alignment: Compliance with SOC 2 Type 2 means the platform meets strict industry standards and regulations, which is particularly important in the US market where data privacy laws are stringent.
• Client Reassurance: Clients need to know their financial data is handled with the utmost care. SOC 2 Type 2 compliance reassures them that their information is secure and managed according to best practices.
• Competitive Advantage: Being SOC 2 Type 2 compliant can set a platform apart from competitors who may have a different level of security assurance, making it a preferred choice for businesses looking for reliable service providers.

In essence, SOC 2 Type 2 compliance is about ensuring data security, building trust, and maintaining regulatory standards—all of which are vital for B2B SaaS accounting and tax platforms serving the US market.

Know more about our security here.

Say hello on LinkedIn.