The team at HYPR reveals that they’re pleased to confirm that they’ve successfully completed SOC 2 Type 2 and ISO 27001 compliance and audit initiatives “along with obtaining ISO 27017 and ISO 27018 compliance certifications.”
As noted by its management, HYPR allows customers to finally enable cross-platform desktop MFA, “stop phishing, and reduce fraud associated with weak or stolen passwords.”
HYPR says it’s the Passwordless company offering Identity Access Assurance (IAA).
As explained in the update from HYPR, SOC 2 is “a comprehensive framework developed by the American Institute of Certified Public Accountants (AICPA), which defines criteria for managing customer data based on five ‘trust service principles’—security, availability, processing integrity, confidentiality and privacy.”
The update also mentioned that certification is issued by outside auditors “after assessing and testing an organization’s systems and processes in accordance with these defined principles.”
As noted in the announcement from HYPR, ISO 27001 is a standard established by the International Organization for Standardization (ISO) that “governs an organization’s information security management system (ISMS).” As noted in the update, an ISMS includes all policies and processes that “relate to how an enterprise controls and manages sensitive data. ISO certification can only be issued by accredited bodies.”
Although SOC 2 and ISO compliance aren’t a regulatory requirement for SaaS and cloud computing vendors, their significance “in securing your data cannot be overstated, affecting everything from corporate governance, through regulatory compliance and security architecture.”
SOC 2 and ISO compliance serve a key role for organizations “seeking assurance of their partners’ business and technology and should be one of the very first questions in assessing a new vendor,” the update explained.
As confirmed in the update, HYPR achieved SOC 2 and ISO compliance “in record time thanks to our culture of security and commitment to compliance.” A-LIGN, an independent certification body accredited by the ANSI National Accreditation Board (ANAB), “issued HYPR’s certifications upon successful completion of our formal audit process.”
The announcement further explained that these certifications are “evidence that HYPR has met rigorous national and international standards in ensuring the confidentiality, integrity, and availability of customers’ information.” Their ISO 27017 supplemental certification “gives additional assurances to our customers as it relates to our cloud-based hosted services.” Their ISO 27018 supplemental certification “helps to demonstrate adherence to GDPR and CCPA PII data privacy obligations.”
As noted in the announcement:
“HYPR’s goal is to help businesses large and small achieve the highest level of assurance through True Passwordless™ Multi-factor Authentication (MFA). We recognized early on that our customers not only need to satisfy their own specific compliance needs with an advanced Passwordless MFA solution, but are looking for a trusted partner and platform that is also fully compliant to these same standards.”
The company also noted that their platform architecture, protocols and procedures “were developed with security in mind from the get go.” As explained by the firm, the process of gaining compliance has “taken this to the next level.” With these compliance certifications, the firm’s customers’ and partners’ auditors and vendor risk assessment teams “get independent assurance that all HYPR policies and practices are geared toward protecting customer data.”
HYPR’s multi-prong compliance efforts “demonstrate that HYPR is committed to building even greater trust and confidence in our service delivery and controls over information and data.” As an international firm, “meeting both ISO (international) and SOC2 (United States) standards are critical.”
As stated in their initial SOC 2 announcement, these certifications are “essential building blocks for our continuous investments into larger compliance and security efforts currently underway.”