Rever Passes Rigorous Infrastructure Audit for SOC 2 Certification and Trusted Technology Platform Partner

We are excited to announce that our Frontline Activation Platform has successfully completed the Service Organization Control (SOC) 2 Type 1 audit. Conducted by Boulay Group, a leading information technology and security services firm, and leveraging Vanta’s security and compliance platform, the audit affirms that Rever’s information security practices, policies, procedures, and operations meet the SOC 2 standards for security and confidentiality.

As our customers increasingly leverage Rever for activities that are core to their business operations and strategy, there is a need for increased trust and transparency into cloud service providers’ operations, processes, and results. This is also true for a growing customer base in highly regulated industries.

Rever’s SOC 2 report verifies the existence of internal controls which have been designed and implemented to meet the requirements for the security principles set forth in the Trust Services Principles and Criteria for Security. It provides a thorough review of how Rever’s internal controls affect the security, the processing integrity of the systems it uses to process users’ data, and the confidentiality and privacy of the information processed by these systems. This independent validation of security controls is crucial for our customers and partners, especially in highly regulated industries.

“Obtaining the SOC 2 Type 1 certification reinforces Rever’s ongoing commitment to the security, availability, and processing integrity of the Rever platform,” says Luis Elizondo, Chief Technology Officer at Rever. “Our customers can feel confident that we are making every investment to establish and maintain the highest level of security and compliance.”

In addition to SOC 2 compliance, Rever is making a number of enhancements to its infrastructure by adding in additional layers of redundancy and increasing monitoring coverage of its platform.

More Information:

What is a SOC 2 report?

SOC stands for “Service and Organization Controls.” These controls are a set of standards outlined by the American Institute of Certified Public Accountants (AICPA) to measure how a service organization handles their users’ data. A SOC 2 report provides detailed information and assurances about a service organization’s controls relevant to the systems the service organization uses to process customer data. A service organization may obtain a SOC 2 report after a third-party review of the security of those systems. Companies often rely on a service organization’s SOC 2 report as a security compliance requirement.  

For Rever, the report serves as assurance to customers that we sufficiently:

• Secure customer data and personal information
• Ensure customers have easy access to their data within our platform
• Prevent unauthorized access to customer data and information  

What is included in Rever’s SOC 2 report?

Our full SOC 2 report describes the various security controls and processes that we use to secure customer data and make it consistently available to our customers. It details the precise software infrastructure and processes we use to achieve data security. Some of the controls covered in our report are: 

• System monitoring and ongoing risk assessments
• Internal access control to production environments
• Disaster recovery, data backup, and incident response processes
• Communication of changes to customers
• Employee on-boarding and termination processes

These are just some of the many practices detailed in our SOC 2 report—but our commitment to the privacy and trust of our customers doesn’t stop there. As part of our ongoing dedication to data security, we are constantly and critically reviewing how we collect, manage, and secure customer data. As part of that process, we plan to continue obtaining periodic SOC 2 Type II reports.