KASPERSKY PASSES INDEPENDENT SOC 2 AUDIT.
The Service Organization Controls (SOC) Reporting Framework is a globally recognized report for cybersecurity risk management controls, developed by the American Institute of Certified Public Accountants (AICPA) to inform customers about effective design and implementation of security controls. Being a responsible and transparent company for its customers, Kaspersky has chosen this standard to demonstrate the trustworthiness of its product and the company's commitment to the AICPA Trust Service Principles and Criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy.
The examination completed under the SSAE 18 standard (Statement of Standards for Attestation Engagements) includes internal controls over regular automatic updates of antivirus databases, created and distributed by Kaspersky for its products operating on Windows and Unix Servers. In its final report, the Big Four independent auditor identified suitability of the abovementioned controls and their appropriate operation on a specified date.
Following the terms of the contract, Kaspersky cannot disclose the name of the third-party Big Four auditor. Although the company can disclose the principal information about its abovementioned commitments and requirements in the SOC 2 Type 1 report upon request.
The audit was done as part of the Global Transparency Initiative, which Kaspersky announced in 2017, to further ensure its partners and customers that the company's products and services are not only the best when it comes to protection from cyberthreats, but also treat customer data with the highest respect and care. Among other things the company is committed to relocating to Switzerland its data storage and processing for customers. As of today, the company has completed the second stage of its relocation for European users and plans to finalize this change by the end of 2019.
As well as data relocation, Kaspersky aims to have at least three transparency centers by 2020. The company continues support of its Bug Bounty Program and is working on several other projects aimed at increasing the company's transparency and trustworthiness.
By providing the free offering to LEAs, the company aims to increase awareness of how Kaspersky services operate and how they can help fight cybercrime and sophisticated cyberthreats.
Kaspersky is a global cybersecurity company founded in 1997. Kaspersky's deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company's comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats.
For more information, visit www.kaspersky.com or call 781/503-1874.