When we were approached by one of our largest customers to help them complete an audit, it seemed like the perfect opportunity for us to carry out one of our own.
TrackAbout is pleased to announce that we have now successfully completed SOC 2 Type 2 certification – a globally-recognized audit that shows we’re maintaining the very highest security standards.
Over the years, TrackAbout has established itself as a leading provider of asset tracking and management software for everything from totes and drums, to gas cylinders, rental equipment, and other returnable containers.
As part of our ongoing commitment to show we’re doing everything possible to keep your data safe and secure, we are constantly probing and testing our services, patching servers, and keeping an eye out for zero-day exploits and vulnerabilities.
We’ve always worked hard to maintain such high standards, so it seemed appropriate to get officially accredited.
Passing the Test
A SOC 2 Type 2 report is awarded annually to those able to demonstrate they have effective and robust procedures in place to ensure customer data is protected and security protocols are enforced.
The auditing process requires companies to prove they are implementing appropriate safeguards and controls, and that processes are followed at all times to minimize the risk of data loss or compromise.
To accomplish one of these certifications is a real achievement and we're delighted with the results.
The audit involves a lot of people and processes, and has touched every part of our business.
Our journey started 15 months ago when we appointed an external consultancy and bought some tooling to collect the required data. An independent third-party auditor then pored through evidence spanning a three-month period to check the effectiveness of our security controls.
It’s an extensive process. They want to know who has access to production data, what are their roles, and why they have access. How do you change access to data when a role changes? How quickly do you rescind access when someone leaves the company? What are the steps you take when someone requests access?
They want to make sure all employees have performance reviews on an annual basis, that you’re regularly reviewing access controls. They also run a penetration testing.
Compliance and Control
Companies like TrackAbout work to the highest standards to provide users with a service that not only meets their very specific needs but prioritizes security to ensure their data is protected at all times.
TrackAbout helps users monitor returnable containers so they can follow them through their life cycle. By tagging an asset using barcodes or RFID tags, drivers, plant workers, or any approved employee with access to a smartphone is able to collect this valuable data to keep track of all their physical assets.
A quick scan instantly allows users to catalogue their containers’ attributes, content, movements, and maintenance – which can not only be shared across teams but eliminates paperwork, and is far more efficient, saving users both time and money.
Ours is a cloud-based application hosted with Microsoft Azure, which has one of the tightest compliance regimes of all hosting providers. All data is encrypted at rest and in transit, and our software is built to the GAMP5 standard used in the pharmaceutical industry. We put all our applications through comprehensive testing procedures and thorough quality assurance processes before being released.
TrackAbout is committed to keeping your data accessible, safe, and secure – to help you keep control of your assets.
Frequently Asked Questions (FAQs)
Stay up to date with announcements by subscribing to the TrackAbout blog.