Carousel Digital Signage Achieves SOC 2 Compliance
To ensure the Carousel Cloud software remains SOC 2 certified, the company says it will continue to make investments into the platform to ensure it passes the annual requirements.
MINNEAPOLIS—Carousel Digital Signage has achieved SOC 2 Type 1 and Type 2 Compliance for its Carousel Cloud software.
Issued by the independent CPA firm Boulay PLLP, the SOC 2 audit reports confirm that Carousel has implemented the appropriate internal controls to protect customer data delivered to digital signage end points in the cloud.
Recommended for SaaS and cloud computing environments, SOC 2 outlines requirements for safeguarding customer data based on the five trust services criteria for security, availability, processing integrity, confidentiality, and privacy. A SOC 2 Type 1 report evaluates the design of security controls at a point in time, while a SOC 2 Type 2 report attests to the operating effectiveness of the controls over a period of time. Carousel Digital Signage achieved Type 1 status as of January 31 and successfully completed its first Type 2 assessment period ending on April 30.
Carolyn Korchik, director of information security and compliance for Carousel Digital Signage, says that offering a SOC 2 report not only validates the security of the Carousel Cloud platform, but it also removes the security fact-finding and operational burdens for new and existing Carousel Cloud customers.
“SOC 2 provides a standards-based framework that is widely accepted in the IT industry, so it simplifies the due diligence and vetting process that end users would otherwise need to endure on their own to ensure proper data handling,” states Korchik.
“We save customers time, money, and resources by incorporating SOC 2 principles into everything we do – and then confirming it through third-party assurance. This improves the Carousel Cloud experience for all users, allowing them to focus on their content and digital signage initiatives.”
The company says that Korchik led the charge for both compliance achievements, working carefully to actively monitor security related procedures and controls and collect evidence for auditor evaluation. Along the way Carousel Digital Signage boasts that Korchik and her team conducted gap assessments and revised policies and procedures to grow and mature Carousel’s information security program and ultimately meet SOC 2 compliancy standards. According to the company, the process was a labor of love that benefitted from her experience in audit, compliance, loss prevention and physical security working for large household name brands such as Lyft and Target.
“Security is an area that provides a unique opportunity for everybody – including competing digital signage suppliers – to openly collaborate to make sure we are all striving to follow best practices to ensure we are appropriately protecting our customers,” adds Korchik.
“As SOC 2 requires an annual review process to maintain compliance, Carousel will continue to make investments in this area to ensure the highest level of security and compliance and build and maintain trust with our customers.”
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!
Security Is Our Business, Too
For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add sales to your bottom line.
A free subscription to the #1 resource for the residential and commercial security industry will prove to be invaluable. Subscribe today!