Baffle Achieves SOC 2® Type II Compliance
Third-party Auditors Confirm the Company’s Security Best Practices, Reaffirming Baffle’s Commitment to Partners and Customers
SANTA CLARA, Calif. – March 13, 2024 — Baffle, the easiest way to protect sensitive data, today announced its successful completion of a System and Organization Controls (SOC) 2 certification examination resulting in a CPA’s report stating that management of Baffle maintained effective controls over the security, availability, processing integrity, confidentiality, and privacy (AICPA, Trust Services Criteria) of the Baffle Platform.
The recent SOC 2 Type II report performed by independent audit firm, MJD Advisors, provides third-party validation of Baffle’s focus on privacy and security in data management. Following the in-depth review of the company’s software development practices, Baffle achieved SOC 2 Type II compliance in November 2023. The SOC 2 report is designed to meet the needs of existing or potential customers who require assurance about the effectiveness of controls used by the company to develop software that safeguards customers’ information.
“Baffle is committed to protecting sensitive data and this applies to not only the platform we provide our customers but also how we manage the data we collect,” said Ameesh Divatia, founder and CEO, Baffle. “Our achievement of the SOC 2 Type 2 attestation not only validates our ongoing dedication to operational excellence, but also assures our customers and partners of our capability to handle sensitive data with utmost care.”
Baffle was evaluated using the following principles and related criteria that has been developed by the American Institute of CPAs (AICPA) for use by practitioners in the performance of trust services engagements:
- Security: The system is protected against unauthorized access (both physical and logical).
- Availability: The system is available for operation and use as committed or agreed.
- Processing Integrity: System processing is complete, valid, accurate, timely, and authorized to meet the entity’s objectives.
- Confidentiality: Information designated as confidential is protected as committed or agreed.
- Privacy: Personal information is collected, used, retained, disclosed, and disposed of to meet the entity’s objectives.
For additional information about Baffle and the privacy and security features, visit:
- Baffle – Privacy and Compliance Solutions
- Data Compliance: A Comprehensive Guide to Protecting Your Organization
- https://baffle.io/
About Baffle
Baffle is the easiest way to protect sensitive data. We are the only security platform that cryptographically protects the data itself as it’s created, used, and shared across cloud-native data stores that feed analytics, applications and AI. Baffle’s no code solution masks, tokenizes, and encrypts data with no application changes or impact to the user experience. With Baffle, enterprises easily meet compliance controls and security mandates, and reduce the effort and cost of protecting sensitive information to eliminate the impact of data breaches. Investors include Celesta Venture Capital, National Grid Partners, Lytical Ventures, Nepenthe Capital, True Ventures, Greenspring Associates, Clearvision Ventures, Engineering Capital, Triphammer Venture, ServiceNow Ventures [NYSE: NOW], Thomvest Ventures, and Industry Ventures.
Follow Baffle on Twitter and LinkedIn.
Contact:
Stephanie Schlegel
Offleash PR
[email protected]
Join our newsletter
Schedule a Demo with the Baffle team
Meet with Baffle team to ask questions and find out how Baffle can protect your sensitive data.
Easy
No application code modification required
Fast
Deploy in hours not weeks
Comprehensive
One solution for masking, tokenization, and encryption
Secure
AES cryptographic protection
Flexible
No impact to user experience