We are constantly working hard to improve security at 21RISK. On this page you can read more about the external experts, that we pull in to make sure we do the job well.
SOC 2 (Service Organization Control Type 2) is an excellent compliance system because it provides a comprehensive framework for managing data security. It's specifically designed for service providers storing customer data in the cloud, ensuring the security, availability, processing integrity, confidentiality, and privacy of customer data.
A SOC 2 report, no matter which type, is the primary document to demonstrate a company’s overall data security efficiency - through testing the system we have in place, SOC 2 Type 1 determines whether the internal controls we put in place to safeguard customer data are sufficient and designed correctly and whether they comply with the trust services criteria.
Because we strongly value data security, and the trust of our clients, as of January 2024 we at 21RISK have upgraded our system accordingly so that we can adhere to the SOC 2 Type 1 certification and we are happy to inform you that we meet all regulatory requirements!
Congrats, your data just became even more secure in our system!
As of January 2024 we at 21RISK have upgraded our security system, and we have obtained a SOC 2 Type 1 certification from 360 Advanced !
We are currently in the process of obtaining a SOC Type 2 certification to further enhance our security!
To keep 21risk.com safe, we have started an automated scans program with Detectify Detectify was founded in Stockholm Sweden, and is today 90+ SaaS security company.
We have configured Detectify to automatically scan our internet exposure every 7 days
Here is the findings, from our latest report (2023 November)
For a full report, contact firstname.lastname@example.org .
For web-applications, http headers are one of the backbones for a secure environment. To test our headers, we use this tool . Here is the results from our latest test, November 2023.
We are currently in the process of finding a partner for penetration testing. Please contact email@example.com if this is important for your organization.