Prelude is now SOC 2 Type II compliant

We are proud to announce that we have successfully achieved SOC 2 Type II compliance! This certification is a testament to our commitment to maintaining the highest standards of data security, ensuring that our customers' sensitive information is handled with the utmost care and protection.

What Is SOC 2 Type II?

SOC 2, or System and Organization Controls 2, is a security framework developed by the American Institute of Certified Public Accountants (AICPA). It is designed to ensure that service providers manage customer data in a way that is secure, available, confidential, and maintains processing integrity and privacy.

The SOC 2 framework is built around five Trust Services Criteria (TSC):

1. Security: Protecting systems against unauthorized access and ensuring that only authorized personnel can access sensitive information.

2. Availability: Ensuring that systems are available for operation and use as agreed upon.

3. Processing Integrity: Ensuring that system processing is complete, valid, accurate, timely, and authorized.

4. Confidentiality: Protecting information that is designated as confidential and ensuring it is accessed only by authorized individuals.

5. Privacy: Ensuring that personal information is collected, used, retained, and disclosed in accordance with privacy policies.

SOC 2 Type II is the most comprehensive certification within the SOC framework, as it involves an in-depth audit of both the design and operational effectiveness of a company’s controls over a period of time, typically between six to twelve months. And when it comes to security, consistency is crucial.

SOC 2 Type II certification is crucial for companies like us, which provide critical services in sectors that demand robust security measures, such as fintech, healthcare, e-commerce, and more. This report outlines the importance of SOC 2 Type II, the process we undertook to achieve it, and how it benefits our clients.

What does it mean for Prelude?

The SOC 2 Type II audit confirmed that Prelude has implemented and maintained effective security controls in line with the Trust Services Criteria.

The report provided by Thoropass assesses that Prelude fulfills the five trust principles: security, availability, processing integrity, confidentiality and privacy, over a long period of time.

What does it mean for our customers?

For our clients, SOC 2 Type II means that they can be confident that their data is managed securely, with stringent controls in place to protect against unauthorized access and breaches.

For clients in highly regulated industries, SOC 2 Type II certification helps ensure that their service providers meet the necessary legal and regulatory requirements for data security.

Security and privacy are one of our main concerns, as we actively fight fraud on behalf of our customers, so obtaining SOC 2 Type II certification was the best way of demonstrating our commitment.

For further information or inquiries, please contact us directly or connect with us on LinkedIn. We will be happy to answer if you have any question!