Contents:
COPENHAGEN, July 6th, 2022 – Heimdal® is pleased to announce it has attained certification for ISAE 3000 SOC 2 Type II, demonstrating a commitment to providing customers with the highest level of data protection and security. SOC 2 reports issued under the ISAE 3000 standard are based on Trust Services Criteria for security, availability, confidentiality, processing integrity, and privacy-specific principles and criteria as defined. To show adherence to each of the criteria, specific requirements must be met within the organization.
The basic goal of the Trust Services Criteria is to protect the five aspects of information:
- Security: Protection against unauthorized access (physical and logical), data integrity, change management, and incident management.
- Availability: Availability of systems for operation and usage as agreed in the Service Level Agreements.
- Confidentiality: Information designated as confidential is protected and processed accordingly.
- Processing integrity: System processing is complete, accurate, timely, and authorized.
- Privacy: Personal information is collected, used, retained, disclosed, and destroyed in accordance with privacy requirements of the user organization and legally required privacy requirements, such as the General Data Protection Regulation (GDPR).
The key difference between Heimdal® SOC 2 Type I and Heimdal® SOC 2 Type II reports is that the Type II report was conducted over a one-year period on Heimdal® internal environment. This allowed Heimdal® SOC 2 Type II report to attest and control effectiveness from the 21st of April 2021 to the 31st of March 2022 (Testing period), something that is not being met in the SOC Type 1 report, which can only attest to the suitability of design and implementation.
This is a significant milestone for us as it reaffirms our constant dedication to the highest level of operational effectiveness and security. The SOC 2 Type II / ISAE 3000 certification delivers dependable visibility and transparency to the depth of our processes for operations and compliance. Our clients can trust us to host their sensitive data and mission-critical information. Heimdal™ is proud of this achievement, and it reassures both our customers and partners that we’ve included security best practices into all of our offerings.
– Morten Kjaersgaard, CEO Heimdal®
In addition to security requirements, the Trust Services Criteria also contains requirements for an internal control framework, including risk management and procedures to be followed by employees to control security and data (information in systems including transaction data, databases, and individual files).
After successfully completing the ISAE 3000 Soc 2 Type I in 2021, the ISAE 3000 Soc 2 Type II was a normal step for us to take in order to give our customers the assurance that the Heimdal control environment is appropriately designed and implemented to address key operational risks. The ISAE 3000 certification involved assessment of all aspects of Heimdal’s ethical practices: our processes, internal control, standard operating procedures, data security, a visible paper trail, and documented assurance reporting. Gaining the standard and maintaining it required responsibility across the whole business. This standard has become our own working document and we believe it added value to our business by ensuring that customer confidentiality, privacy, and security are at the heart of all your decisions in Heimdal.
– Mihaela Volintirescu, Heimdal® Compliance Manager
About Heimdal®
Founded in 2014 in Copenhagen, Denmark, Heimdal® is a leading European provider of cloud-based cybersecurity solutions. The company offers a multi-layered security suite that combines threat prevention, patch and asset management, endpoint rights management, and antivirus and e-mail security which together secure customers against cyberattacks and keep critical information and intellectual property safe. Heimdal™ has been recognized as a thought leader in the industry and has won multiple international awards both for its solutions and for its educational content creation.
Heimdal®’s solutions, effectiveness, convenience, and very competitive pricing enable organizations to simplify their IT infrastructure, minimize risks and boost productivity, allowing them to replace up to 7 vendors with just 1 and focus on what they do best – their businesses. Companies across many sectors can use Heimdal®’s technology to simplify IT operations, helping drive higher efficiency and automation, and become safe in the face of cyber threats.
Currently, Heimdal®’s cybersecurity solutions are deployed in more than 45 countries and supported regionally from offices in 15+ countries, by 175+ highly qualified specialists. Heimdal® is ISAE 3000 certified and secures more than 3 million endpoints for over 11,000 companies. Heimdal® supports its partners without concessions on the basis of predictability and scalability. The common goal is to create a sustainable ecosystem and a strategic partnership.