At Xevo, we manage a lot of digital information, and we take the safety of that information very seriously. Our partners and our customers trust us with their valuable data, and we want them to feel confident that we have the capabilities to protect that information. That’s why we have worked diligently to meet SOC 2 security standards, and this month we were certified as SOC 2 Type 1 compliant. Compliance with Type 1 regulations was our first step, and we are currently pursuing both SOC 2 Type 2 compliance and ISO/IEC 27001:2013 certification.
According to Imperva Incapsula, SOC 2 was “developed by the American Institute of CPAs (AICPA) and defines criteria for managing customer data based on five ‘trust service principles’—security, availability, processing integrity, confidentiality and privacy.”
SOC 2 reports are customized to each company’s unique business activities. To achieve SOC 2 compliance, a company develops security controls in accordance with one or more of the trust principles, and an independent third party audits the controls to verify that they effectively comply with the trust principles. Regular audits ensure that security practices stay current.
Xevo’s SOC 2 Type 1 compliance confirms that our security controls and practices effectively mitigate risk, so our customers and partners can rest easy knowing their data is secure and focus on what we do best, working together to deliver groundbreaking new automotive technology.