As a business that makes global employment easy and risk-free, we’re entrusted with storing and managing the information of our customers and their employees located all over the world.
It’s a responsibility we take very seriously–not least because it’s one of the top concerns our customers are always mentioning to us. But we know simply telling them we take it seriously isn’t enough.
Which is why we’re delighted to announce that after a rigorous audit of our information security management systems, processes, and controls, we’ve successfully completed our SOC 2 Type 2 and ISO 27001:2022 certifications!
If you’re familiar with the terminology, you’ll know why we’re so excited. But if your eyes are glazing over at that sequence of letters and numbers, don’t worry. Here’s a quick run-down of what they both mean and why we’re so proud of having achieved them.
So what is SOC 2 and ISO 27001:2022 compliance?
In a nutshell, these certifications prove that we have the ability to safeguard sensitive data and protect the interests of our customers. It tells everyone that we adhere to industry best practices and comply with enterprise-grade security standards. Need more specifics?
SOC 2
- SOC 2 is a standard set by the American Institute of Certified Public Accountants (AICPA).
- Demonstrating SOC 2 compliance involves a company’s security systems, policies, and processes being examined by an independent, third-party audit firm.
- After completing our audit, Multiplier is now both SOC 2 Type 1- and Type 2-compliant. That means all of our information systems are secured and audited based on the AICPA principles of confidentiality, processing integrity, availability, security and privacy.
ISO 27001:2022
- Set by the International Organization for Standardization, ISO 27001:2022 is a standard for information security management systems (ISMSs).
- Multiplier’s ISO 27001:2022 certification means our ISMS follows a robust framework for managing risks efficiently and securing the data we own or process.
SOC 2 certification assures our customers of our ironclad data handling practices, while ISO 27001:2002 marks us out as having a strong information security management system. Put those together, and we’ve further reinforced our position as a trusted partner in the industry, providing enterprise-grade security.
Why should I care?
These latest certifications don’t exist in a vacuum. They’re simply elements, albeit important ones, of our wider security philosophy which we call security by design. It’s all about putting security at the heart of what we do, instead of treating it as an afterthought.
By following security by design, we can ensure security is built into the way we design our products, services, and operations. Here are just a few examples:
- GDPR compliance: Multiplier follows European data protection regulations, empowering employees with the right to modify or delete their data upon request.
- 2FA login: To tighten security measures and protect your data, Multiplier secures customer accounts with Two-Factor Authentication (2FA), in line with SOC 2 Compliance.
- Hosted on AWS: Multiplier uses AWS’s cloud infrastructure, ensuring scalability and security. As an Amazon-certified partner with a proven track record (Foundational Technical Review), we implement industry best practices like environment segregation, disaster recovery, and rigorous authorization/authentication protocols.
- Data encryption: Multiplier takes a multi-layered encryption approach, using industry-standard technologies like AES-256 encryption for data at rest, and HTTPS with SHA-256 and RSA encryption for data in transit.
- Data backups: All data is instantly backed up, with retention ranging from 30 days to seven years based on importance and compliance with local laws for data storage and retention.
- Penetration testing: Multiplier’s application and APIs go through regular penetration tests by independent security firms according to industry-standard processes.
- Access controls: We offer role based access provisioning which is further bolstered by conducting periodic privilege and access check audits.
And… breathe. That’s not even the full picture, but it’s enough to prove that we’re fanatical about upholding the highest international security standards, putting all the right data security policies, processes, and controls in place to safeguard customer data.
Security (and peace-of-mind) by design
Multiplier’s SOC 2 Type 2 and ISO 27001:2022 certifications are yet more proof of our continuing commitment to excellence in information security. Our customers can rest assured that their data, and that of their employees, is in the safest possible hands–helping them to spend less time sweating about compliance and more time getting the most out of global talent.
If you’re looking to hire worldwide, safe in the knowledge your data is secure, talk to our experts today.
