At Xevo, we manage a lot of digital information, and we take the safety of that information very seriously. Our partners and our customers trust us with a lot of valuable data, and we want them to feel confident that we have the capabilities to protect that information. That’s why we have worked diligently to meet SOC 2 security standards, and this month we received our SOC 2 Type 1 certification*. Receiving the Type 1 was our first step, and we are currently pursuing both SOC 2 Type 2 and ISO/IEC 27001:2013 certification.
According to Imperva Incapsula, SOC 2 was “developed by the American Institute of CPAs (AICPA) and defines criteria for managing customer data based on five ‘trust service principles’—security, availability, processing integrity, confidentiality and privacy.”
SOC 2 reports are customized to each company’s unique business activities. To receive SOC 2 certification, a company develops security controls in accordance with one or more of the trust principles, and an independent third party audits the controls to verify that they effectively comply with the trust principles. Regular audits ensure that security practices stay current.
Xevo’s SOC 2 Type 1 certification confirms that our security controls and practices effectively mitigate risk, so our customers and partners can rest easy knowing their data is secure and focus on what we do best, working together to deliver groundbreaking new automotive technology.
*Please contact us to request a copy of our SOC 2 Type 1 report.