Earlier this month, the Allocadia team had a “SOC” hop — we gave out prizes for the craziest socks, played “Dance Dance Revolution” in our socks and celebrated our team’s nine months of hard work that led to a major milestone: compliance with SOC 2 security standards.
If you’ve never heard of a SOC hop, you’ve never met the Allocadia team. Security is in our DNA, because security matters to our customers. One of our founding values is being customer-obsessed, and celebrating compliance is just one example of how we live our customer-obsessed culture. Some companies look at compliance as something they have to do, but at Allocadia we celebrate it and we’re proud of it.
To share more about what meeting this compliance standard means for Allocadia customers and why our entire team got so excited about it, we asked Sabino Marquez, our chief information security officer, a few questions.
What Is SOC 2?
Achieving SOC 2 compliance is proof that Allocadia is secure by design.
Sabino explained that SOC 2 compliance involves a rigorous third-party audit to make sure all of our security processes are in place and that we have the right controls to prevent mistakes.
We had to show that data is secure four ways:
- Secure from external threats (like hackers).
- Secure from internal threats (like human error).
- Secure when a customer transfers data from their system to Allocadia, and back out again.
- Secure in how we develop our code. We had to show that we hire developers with sound security backgrounds.
Sabino has led several organizations through similar compliance journeys, and he said this is the first time he has led a team to complete the audit process in just nine months. Usually, the compliance process takes several years. “I’m quite proud of this team. You really see the ‘security culture’ come through in everyone’s eagerness to keep customer data safe and private. When customer security is a cultural value, security is not a fight; it’s a natural extension of how we run the business.”
What Changes Did Allocadia Make?
While Allocadia has always been run on secure processes, the push for SOC 2 compliance gave us the opportunity to formalize all of our processes. We purchased technology, strengthened dual and triple controls, solidified security visibility and response procedures and cemented validation protocols.
Sabino joined Allocadia a year ago to focus exclusively on data security. In his dedicated role, he spends all of his time making sure Security runs like a well-oiled machine.
What Does This Mean for Allocadia Customers?
While we’ve always been dedicated to providing top-notch security for our customers, SOC 2 compliance means peace of mind for Allocadia customers and prospects. “Customers are giving us their most valued data,” he says. “When my counterparts on the customer side see our SOC 2 compliance, they know that someone outside the company has really looked at our processes, and came back confident in their effectiveness.”
Enterprise customers like Red Hat, Juniper Networks and National Instruments, and partners like IBM already trust Allocadia with their data. Allocadia is also well-versed in the compliance-heavy Finance and Banking industries, with customers like Charles Schwab managing their marketing budgets within the Allocadia platform. Sabino’s background is in the banking industry, and he noted that SOC 2 compliance provides peace of mind for those customers.
“Overall, SOC 2 compliance formalizes our dedication to security for existing customers and demonstrates to new customers that we are making every investment to maintain the highest level of transparency and compliance,” he says.
What’s Next for Allocadia?
“This is bigger than just SOC 2 compliance. SOC 2 is complementary to all of the things we’re continually doing around data security and privacy,” Sabino says. “It’s one more reason why Allocadia is recognized as the industry’s leading Marketing Performance Management platform.”
Allocadia will continue to bring in outside auditors at specific intervals to confirm SOC 2 compliance. “SOC 2 is a marriage that only intensifies as time goes on,” Sabino says. Now that Allocadia has achieved SOC 2, the company will continue pursuing other similar information assurance frameworks.
“We’re in a good place to prove to customers that we keep their data safe and private,” Sabino says. “And for me, it’s nice to be in a culture where security is celebrated, not something that gets in the way. Having that team mentality about security makes us infinitely more secure because everyone at Allocadia is onboard the data security train. We’re all doing our part toward a common goal — helping marketers be the leaders they want and need to be in today’s digital world.”