Given the public nature of digital signage networks, a few minutes of blank screens – or even worse, unapproved content – can cause quite the scandal. While you may take every precaution to ensure that your screens are running as expected, your network is only as strong as its weakest link. Selecting vendors and partners that have strong security policies and practices in place is critical to your network’s success.
Here at BroadSign, we are thrilled to announce that we have completed the Service Organization Controls (SOC) II Type I and ISAE3420 rigorous security audits and have successfully obtained certifications.
Security is a top ranked digital signage requirement
In a recent global survey of digital signage media owners conducted by our team, security and reliability ranked as two of the top three concerns media owners had when selecting a digital signage software solution.
While the survey results are great validation, they came as no surprise. We work with a wide variety of media owners and publishers from networks with thousands of screens to some with just a few. Regardless of size, data security has always been a priority for both us and our customers, so much so that we felt it important to go through the rigorous year-long audit.
“The digital signage industry is rapidly growing and market leaders like BroadSign must pave the way in data protection standards. SOC II and ISAE 3420 are two of the most recognized and rigorous third-party data security audits available. We are proud that our clients now have the added trust and assurance of these third-party assessments.” – Burr Smith, CEO
What are SOC II and ISAE3420 certifications?
SOC II and ISAE3420 are internationally recognized standardized security certifications that ensure that SaaS and cloud based service providers, like BroadSign, have the policies and procedures in place to provide the highest levels of protection for their customers and their data. Other companies that have undergone and successfully completed the audits include Amazon Web Services, Google Cloud Platform, SAP and Salesforce.
To receive certification, businesses must undergo a detailed audit that examines the company’s business practices in five areas:
- Security: Are measures in place to protect against unauthorized access to information systems?
- Availability: Do information systems operate as expected and what fallbacks are in place in case of unexpected situations?
- Processing Integrity: Is system processing authorized, accurate, complete and timely?
- Confidentiality: Is confidential data protected against unauthorized access?
- Privacy: Is information collected, used, retained, and disclosed only as described in the business’ privacy notice and following the privacy principles laid out by American and Canadian professional accounting associations?
To ensure unbiased findings, the audit is conducted by a certified third-party professional auditing firm, such as BDO. These firms conduct thousands of examinations designed to test the validity of control systems, such as data security, reliability and other business practices.
BroadSign has always made data security a top priority. The SOC II and ISAE3420 certifications build on this commitment and provide third-party validation of the policies and procedures we have in place – and provide our customers with additional peace of mind.