At Keystrike nothing is more important to us than customer success, and success is built upon trust. In order to help our customers secure remote desktop connections, we must have stringent security practices internally. To demonstrate our commitment to the highest security standards, and better safeguard our customers, we’re proud to announce that Keystrike is now officially SOC 2 compliant. SOC 2 compliance provides third-party validation of our commitment to security & compliance and demonstrates the importance of building our customer’s trust. 

SOC 2 is a reporting standard based on the Trust Services Criteria (TSC) from the Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA). The goal of SOC 2 is to prove that compliant organizations uphold the best practices for security, availability, processing integrity, confidentiality, and privacy.

If you’re unfamiliar with the intricacies of the TSC, we’ve put together a short explanation explaining what it means to protect data at this level. 

What it means to be SOC 2 compliant: 5 elements of trust

SOC 2 compliance specifically refers to adhering to the standards set forth in the SOC 2 framework, which is designed to ensure that service organizations securely manage data to protect the privacy and interests of their clients. SOC 2 compliance shows Keystrike’s commitments to the following principles:

1. Security:

  • Ensures the system is protected against unauthorized access (both physical and logical).

2. Availability:

  • Ensures the system is available for operation and use as committed or agreed upon.

3. Processing Integrity:

  • Ensures the system processes data completely, accurately, timely, and with authorization.

4. Confidentiality:

  • Ensures information designated as confidential is protected as committed or agreed.

5. Privacy:

  • Ensures personal information is collected, used, retained, disclosed, and disposed of in conformity with the commitments in the entity’s privacy notice.

Keystrike customers recognize that traditional multi-factor authentication (MFA) only authenticates the start of sessions, which makes MFA easy to bypass when workstations are compromised. In order to trust Keystrike’s continuous authentication of remote desktop connections like RDP, SSH & VDI, our customers rightfully demand that we uphold the highest levels of internal security. Being SOC 2 compliant demonstrates Keystrike’s commitment to maintaining a high level of security and privacy for our customers’ data.