Company obtains SOC 2 Type 2 audit report and TRUSTe Trusted Cloud and Privacy Certifications
ThousandEyes, the network intelligence company that delivers visibility into every network, today announced completion of the Service Organization Controls (SOC) 2 Type 2 audit highlighting the company's commitment to customer data security. ThousandEyes' privacy practices regarding collection and use of personal information on the company's websites and apps were also re-certified for compliance with international privacy regulations by TRUSTe, the leading global Data Privacy Management company, through TRUSTe's Privacy Certification programs.
"Many of our customers are multinational Fortune 500 and Global 2000 companies with offices around the world. They need technology partners with robust information security and privacy management systems to minimize risks and retain compliance with laws, regulations and internal policies. This attestation is validation of our platform and our security management system," said Alexander Anoufriev, chief information security officer at ThousandEyes. "Our emphasis on security is one of the reasons that four of the top six U.S. banks and 24 of the Fortune 500 use ThousandEyes for network intelligence."
Completion of attest engagement using AT Section 101 standard and availability of the SOC 2 Type 2 report is the result of a continuous audit conducted to ensure the proper operation of security controls, which amounted to more than 150 tests over a six-month period. ThousandEyes demonstrated excellence among software as a service (SaaS) providers with a report that contained no exceptions or notes, showing remarkable data security controls and operations. The report and testing, conducted by the independent firm Schellman (formerly BrightLine CPAs & Associates), supersedes the SOC 2 Type 1 report that ThousandEyes received in September 2015, which tested the suitability of the company's design of security controls whereas SOC 2 Type 2 also verifies operating effectiveness.
In the report, Regulatory Compliance Alone Cannot Mitigate Cloud Vendor Risks, published by Gartner, written by Gayla Sullivan, Jay Heiser and Rob McMillan on February 9, 2016, it recommends that customers should regularly "obtain annual audit reports, such as the vendor's SOC 2 report, and confirmation of critical certifications, for example, ISO 27001: Information Security Management." The report adds, "Attach these certificates and attestations to the cloud vendor's risk profile each year as they are received."
Since being founded, protecting the security and privacy of customer data has been a top priority for ThousandEyes. The company has built a solid management foundation through adoption of the widely recognized and respected ISO/IEC 27001 standard for their information security management system. The ThousandEyes privacy management system is based on the Safe Harbor Framework.
For more information about ThousandEyes' commitment to security, visit https://thousandeyes.com/trust.
ThousandEyes, the Internet and Cloud Intelligence company, delivers the only collectively powered view of the Internet enabling enterprises and service providers to work together to improve the quality of every digital experience. The ThousandEyes platform leverages data collected from an unmatched fleet of vantage points throughout the global Internet, from within data centers and VPCs and on end user devices to expose key dependencies that impact digital service delivery, empowering businesses to see, understand and improve how their customers and employees experience any digital website, application or service. ThousandEyes is central to the global operations of the world's largest and fastest growing brands, including 160+ of the Global 2000, 85+ of the Fortune 500, 6 of the 7 top US banks, and 20 of the 25 top SaaS companies. For more information, visit www.ThousandEyes.com or follow us on Twitter at @ThousandEyes.