iLobby + SOC 2 Compliance

SERVICE ORGANIZATION CONTROLS (SOC) COMPLIANCE

SOC 2, Type 2 is one of the highest levels of security certification for technology companies who store customer data in the cloud and it was established to mitigate the risk and exposure of sensitive data. This certification ensures that iLobby has established internal security controls in place, follows strict information security policies and procedures, and actively monitors to prevent threats and risks. It ensures that we can quickly respond to critical situations and tackle problems right at the source in order to prevent your confidential and sensitive information from unauthorized access or disclosure.

iLobby undergoes technical audits regularly to ensure the safeguarding of your confidential, private, and sensitive information. The SOC 2 certification shows iLobby’s commitment to protecting our clients’ data, and ensures that iLobby has strict internal processes for handling your data in order to meet all of the best-practices for security, availability, processing integrity, confidentiality, and privacy.

Here's how iLobby® keeps your data safe while meeting the SOC 2 security principle:

Physical and virtual assets awareness

The first step to SOC 2 is being able to account for where all pieces of data are stored on site within our office, which regions data centres are located in, and how and where data is stored virtually in the cloud.

System vulnerability identification

Vulnerabilities in iLobby’s systems and processes are assessed and addressed at minimum on a quarterly basis, and audited regularly as part of the compliance and security program.

Threat and intrusion detection (IDS)

iLobby has established processes and practices in place for oversight across all host, network, and cloud environments ensuring that we are aware of any threats across the infrastructure. We actively monitor for malicious or unusual activities, unauthorized system configuration changes, and user access levels. Any intrusions detected raise associated alarms, and are immediately looked into.

Orchestrated incident response

iLobby is able to act quickly to isolate system components in the event of malware infection, and prevent its spread throughout the rest of the network. With automated alerts in place and active monitoring, it makes it easy to identify threats and respond to them instantly to take corrective measures and mitigate risks to your organization or the exposure of data.

Log management

iLobby keeps a paper trail and logs all events and actions across our servers, services, and applications, both on premises and in our cloud environment. The data is available centrally in one location, so that we can analyze real-time events, identify trends, assess where threats originated, and make quick decisions about how to respond to risks.

Integrated threat intelligence

iLobby keeps up to date on new threats and vulnerabilities, as well as how to properly address them in order to mitigate any potential risks. Knowledge of the latest cybersecurity threats and vulnerabilities enables proactively identifying potentially problematic changes in data trends, and spotting problems before they become system-wide issues which can lead to the exposure of sensitive data.

File integrity monitoring (FIM)

iLobby actively identifies when and how unauthorized changes were made that could introduce vulnerabilities and risk to the infrastructure. This involves real-time monitoring of changes to files, directories, and the Windows Registry.

Security and compliance reports and view

The iLobby environment is monitored on a day-to-day basis through reporting and dashboard views. Daily scheduled reports to management and regular reporting to auditors ensures that security controls are in place and functioning properly.

Compliance

iLobby already meets most compliance standards for data security and on-premise monitoring, and can be configured to meet your unique needs.

Legal

Automate legal documents and digital signatures for NDAs, liability waivers, and more for visitors and contractors. Securely store legal documents in one place, and easily download them when you need.

Reporting

Easily create or schedule custom reports with just a few clicks. Simply filter the data types and timeframe you need, and view it in the dashboard or export the information.

Audits

Always be audit-ready by maintaining a full paper trail of all data and signed documents collected, and easily export what you need in order to prepare for an audit in seconds.

Discover how iLobby® can meet your compliance needs

iLobby can meet most compliance standards for data security and on-premise monitoring, and can be configured
to meet your unique needs. See what iLobby can do for your organization.