SOC 2

Microshare Achieves SOC 2 Compliance 

By Tim Panagos and Jeffrey Tantum

As a trusted leader in the Sensing-as-a-Service space, Microshare is committed to providing secure products that leverage the power of the Internet of Things (IoT) data. Microshare’s security and compliance principles guide how we design and deliver our offerings. We implement comprehensive security controls that maintain the safety and integrity of customer data entrusted to us.  

Our commitment to information security has led us to successfully complete the Service Organization Control (SOC) 2 Type I audit. This confirms that Microshare’s information security practices, policies, procedures, and operations meet the AICPA SOC 2 standards for security. 

Microshare has partnered with the auditor Prescient Assurance, a leader in security and compliance certifications. This external attestation provides independent assurance of Microshare’s security controls by regularly assessing and validating the protections and effective security practices in place.  

Application Security  

The security of our application is pivotal. Microshare deploys third party penetration testing and vulnerability scanning on a regular basis for production systems. Our application utilizes an industry leading Web Application Firewall (WAF) to protect from security threats through automatic detection and blocking of malicious traffic. Protections against Distributed Denial of Service (DDoS) are also included to ensure service continuity. 

Cloud Security 

Microshare partners with hosting provider, Microsoft Azure. Leveraging the native physical and network security features, we can ensure our data centers maintain compliant infrastructure, services, and physical access controls. This allows for maximum security with complete customer isolation in a modern, multi-tenant architecture. All customer and company data is encrypted in transit and at rest for protection. In addition, the entire platform is continuously monitored by our dedicated, highly trained Microshare experts.  

Secure Development  

Development projects at Microshare follow secure development lifecycle principles. New products, tools, and services, and major changes to existing ones, undergo design review to ensure security requirements are incorporated into proposed projects. Application development is conducted in line with OWASP Top 10 recommendations for web application security. We perform software application security testing of code, including open-source libraries, as part of our software development process. 

Secure Personnel 

Microshare employs leading talent and ensures that only vetted personnel can access company resources. Employees and contractors with access to internal information undergo background checks and sign Non-Disclosure Agreements (NDAs). Security is embedded in the culture of our organization. Employees and contractors complete information security trainings on a regular and recurring basis, to ensure safe operation. 

These and many other SOC 2 compliant controls are in place to make certain our services provide industry-leading data security.  

Tim Panagos | CTO and Co-Founder| TPanagos@microshare.io

Jeffrey Tantum | Cybersecurity Process Specialist | JTantum@microshare.io

If you’d like to receive more information about our products and solutions