Data protection is a major issue for businesses, particularly in a context where cyberattacks are increasing and regulations are becoming stricter. At Present, we have always placed security at the heart of our priorities. Today, we are taking a new step by obtaining SOC 2 Type 2 certification, a reference standard that attests to the reliability and compliance of our data management practices.
This certification is particularly important for our customers and partners, who must not only ensure the protection of their sensitive information, but also comply with the new obligations imposed by Law 25 in Quebec.
Why SOC 2 certification is essential
SOC 2 (Service Organization Control 2) certification is an internationally recognized standard that assesses how a company protects the data entrusted to it. It is based on five main principles:
UA changing regulatory context: Law 25 in Quebec
Adopted in September 2021, Law 25 aims to modernize Quebec's legislative framework for the protection of personal information. It imposes new obligations on businesses, including:
The appointment of a data protection officer.
The obligation to report any breach of data confidentiality.
The obligation to obtain clear and informed consent for the use of personal data.
The implementation of security measures adapted to the sensitivity of the data processed.
The penalties provided for by Law 25 are severe: fines of up to $25 million or 4% of global annual turnover in the event of non-compliance. In this context, choosing a SOC 2 certified partner allows companies to demonstrate their commitment to these new requirements and to limit the risks related to data management.
A demanding process for trusted certification
Obtaining SOC 2 Type 2 certification is not a simple formality. It is a rigorous process that took place over 18 months and involved several key steps:
“Obtaining SOC 2 Type 2 certification reinforces Present’s ongoing commitment to providing secure, reliable services that meet the highest industry standards,” said Marc Beaulieu, President of Present. “This achievement is the result of a collective effort involving our technical, governance and security teams, and we are very grateful to them.”
Secure your data with a trusted partner
Cybersecurity and regulatory compliance are essential issues for any company today. By choosing a SOC 2 Type 2 certified provider, you ensure that your data is protected according to the highest industry standards.
Want to know more about our services and how we can help you secure your data? Contact us today.
The right use of technology addresses business challenges and drives business growth in all areas of an enterprise. We hope this blog will offer insight into developing strategies and tactics to enable you to identify those key drivers of growth and keep pace with and anticipate the rapid technology change of today.