Travel with Trust – moonstride Achieves SOC 2 Compliance
What is SOC 2 and Why it is Important?
SOC 2, or Service Organisation Controls 2, is a rigorous security framework established by the American Institute of Certified Public Accountants (AICPA). Think of SOC 2 as an independent audit, verifying our internal controls that secure your travel data. It’s like a gold star for cybersecurity, ensuring we have the right mechanisms in place to protect your information, every step of your journey.
What Does this Mean to Our Clients?
- Robust Data Security: Robust safeguards shield your sensitive travel information from unauthorised access, disclosure, or alteration.
- Reliable Systems: We’re committed to high availability, minimising downtime and disruptions to your travel experience.
- Ethical and Responsible: Our transparent and documented processes demonstrate our dedication to safeguarding your data with integrity.
moonstride’s Journey to SOC 2:
- Leadership and Management: At moonstride, data security is an organisational value woven into our DNA. Our leadership team led the charge with unwavering commitment and vision, guiding our high-performing team of compliance experts and security engineers. Their tireless efforts and collaborative spirit were instrumental in achieving this milestone.
- Process: Navigating the complexities of the SOC 2 audit could have been daunting. But we tackled it head-on by partnering with leading experts. Vanta’s Trust Management platform streamlined documentation, reducing our workload and allowing us to focus on what truly matters – security. And Advantage Partners’ deep expertise guided us through every step, ensuring seamless implementation of the necessary controls.
- Timeline: We understand achieving compliance takes focus. Our initial preparation phase took approximately one month, focusing on implementing key controls and establishing documentation. While timelines can vary, our experience proves that with proper planning and commitment, SOC 2 compliance can be accomplished within a reasonable timeframe. Based on our streamlined processes and improved documentation, we anticipate future SOC 2 audits to be completed in weeks.
Key Takeaways:
- Beyond Compliance: We didn’t just check boxes; we built a robust security posture that aligns with our values and effectively protects your data.
- Early Start, Smooth Finish: Initiating the process early laid a strong foundation and ensured a seamless audit. Gap assessments helped us prioritise efforts and save time.
- Security for All: Engaging all stakeholders fostered a culture of security awareness and built a truly effective program.
Your Data, Our Priority:
SOC 2 compliance is a testament to our unwavering commitment to customer trust and security. It signifies our dedication to:
- Building Trust and Transparency: Demonstrating our commitment to ethical and responsible data handling.
- Strengthening Our Security Posture: Safeguarding your data from unauthorised access or breaches.
- Mitigating Potential Risks: Employing proactive security measures to stay ahead of evolving threats.
moonstride’s Security Controls:
moonstride’s robust security controls include but are not limited to:
- Encryption: Our website is fortified with SSL encryption and data is encrypted using AES-256.
- Credit Card Safety: No credit card details are stored on our system, it is encrypted and sent directly to the payment partners for processing.
- Access Control: Access to moonstride is secured using multi-factor authentication.
- Vulnerability Scanning: We regularly scan our cloud instances and web applications to identify and address potential vulnerabilities.
- Logging and Monitoring: We securely retain audit trials and logs from cloud servers and firewalls to monitor suspicious network activity.
- Backup and Recovery: Backups are encrypted using AES-256. We take regular backups and retain them securely for easy recovery.
- Network Security: Advanced firewalls and security groups control incoming traffic, protecting against network attacks.
- Incident Response: We regularly review and test our incident response plan to ensure swift and effective action in case of any security event.
Choose moonstride, Choose Trust:
Your trust is our highest priority. We’re committed to continuously building a robust security and compliance program. We will:
- Maintain and refine our security controls.
- Adapt to the ever-changing cybersecurity landscape.
- Invest in the latest security technologies and best practices.
- Foster a culture of transparency and accountability in protecting your data.
Trust is the compass that guides your journey. By choosing moonstride, you choose a travel companion who values your trust as much as your destination.