AvePoint is Officially SOC 2 Type II Certified!

author
Post Date: 02/10/2021
feature image

Our Commitment to Cloud Security

AvePoint is pleased to announce that we have earned the System and Organization Controls (SOC) 2 Type II certification that covers AvePoint Online Services (AOS), AvePoint Migration Platform (AMP), DocAve, Compliance Guardian, Governance Automation, and Records, that collectively migrate, manage, and protect data across cloud and on-premises collaboration systems.

AvePoint’s critical data management solutions enable organizations to make their digital collaboration systems more productive, secure, and compliant. The impact of COVID-19 and the growth of Microsoft’s cloud solutions, including Microsoft 365 and Microsoft Teams, have accelerated demand for AvePoint’s products.

The SOC 2 Type II audit and attestation, conducted by an independent CPA firm, confirms that AvePoint meets the strict information security and privacy standards for the handling of highly sensitive customer data established by the American Institute of Certified Public Accountants (AICPA). Our report is issued by independent third-party auditors and covers the principles of Security, Availability, Confidentiality, and Privacy.

The SOC 2® Type 2 report is intended to provide an understanding of the service organization’s suitability of the design and operating effectiveness of its internal controls. The successful completion of this audit illustrates our ongoing commitment to creating and maintaining a secure operating environment for our clients’ confidential data. AvePoint is continuously improving our program and controls, and we choose not to solely rely on the security and privacy credentials of our service providers.

We are also in fact consumers of our own technology! AvePoint met not only SOC 2, but also ISO 27001:2013 requirements using our own Compliance Guardian and AOS solutions. We’ve been able to do things like:

  • Automatically apply data classification to data at rest and any newly created document based on sensitivity, document/information type, and retention period
  • Identify non-conformities in the Incident Management Center
  • Automate third-party vendor risk assessments
  • Automate Risk Management

AvePoint has a long-standing commitment to privacy and security. Achieving both the SOC 2 attestation and ISO 27001 certifications provides independent validation of our ability to provide the highest levels of protection for sensitive data. Security and compliance, and the ability to adapt to evolving risks and requirements, are disciplines that must be practiced each day to ensure data protection, integrity, availability, and reliability.


Keep up with everything AvePoint by subscribing to our blog!

author

Dana Louise Simberkoff is the Chief Risk, Privacy and Information Security Officer at AvePoint. She is responsible for AvePoint’s privacy, data protection, and security programs. She manages a global team of subject matter experts that provide executive level consulting, research, and analytical support on current and upcoming industry trends, technology, standards, best practices, concepts, and solutions for risk management and compliance. Ms. Simberkoff is responsible for maintaining relationships with executive management and multiple constituencies both internal and external to the corporation, providing guidance on product direction, technology enhancements, customer challenges, and market opportunities. Ms. Simberkoff has led speaking sessions at data privacy and security events around the globe. She was featured in Forbes, writes a monthly column for CMSWire, and was highlighted in the CSO Online list of “12 Amazing Women in Security”. She is a current member of the Women Leading Privacy Advisory Board and a past member of the Education Advisory Board for the International Association of Privacy Professionals (IAPP). Ms. Simberkoff holds a BA from Dartmouth College and a JD from Suffolk University Law School. LinkedIn: www.linkedin.com/in/danalouisesimberkoff/en Twitter: http://www.twitter.com/danalouise

View all posts by Dana S.
Share this blog

Subscribe to our blog