Carousel Digital Signage Achieves SOC 2 Compliance

To ensure the Carousel Cloud software remains SOC 2 certified, the company says it will continue to make investments into the platform to ensure it passes the annual requirements.
Published: July 14, 2023

MINNEAPOLIS—Carousel Digital Signage has achieved SOC 2 Type 1 and Type 2 Compliance for its Carousel Cloud software.

Issued by the independent CPA firm Boulay PLLP, the SOC 2 audit reports confirm that Carousel has implemented the appropriate internal controls to protect customer data delivered to digital signage end points in the cloud.

Recommended for SaaS and cloud computing environments, SOC 2 outlines requirements for safeguarding customer data based on the five trust services criteria for security, availability, processing integrity, confidentiality, and privacy. A SOC 2 Type 1 report evaluates the design of security controls at a point in time, while a SOC 2 Type 2 report attests to the operating effectiveness of the controls over a period of time. Carousel Digital Signage achieved Type 1 status as of January 31 and successfully completed its first Type 2 assessment period ending on April 30.

Carolyn Korchik, director of information security and compliance for Carousel Digital Signage, says that offering a SOC 2 report not only validates the security of the Carousel Cloud platform, but it also removes the security fact-finding and operational burdens for new and existing Carousel Cloud customers.

SSI Newsletter

“SOC 2 provides a standards-based framework that is widely accepted in the IT industry, so it simplifies the due diligence and vetting process that end users would otherwise need to endure on their own to ensure proper data handling,” states Korchik.

“We save customers time, money, and resources by incorporating SOC 2 principles into everything we do – and then confirming it through third-party assurance.  This improves the Carousel Cloud experience for all users, allowing them to focus on their content and digital signage initiatives.”

The company says that Korchik led the charge for both compliance achievements, working carefully to actively monitor security related procedures and controls and collect evidence for auditor evaluation. Along the way Carousel Digital Signage boasts that Korchik and her team conducted gap assessments and revised policies and procedures to grow and mature Carousel’s information security program and ultimately meet SOC 2 compliancy standards. According to the company, the process was a labor of love that benefitted from her experience in audit, compliance, loss prevention and physical security working for large household name brands such as Lyft and Target.

“Security is an area that provides a unique opportunity for everybody – including competing digital signage suppliers – to openly collaborate to make sure we are all striving to follow best practices to ensure we are appropriately protecting our customers,” adds Korchik.

“As SOC 2 requires an annual review process to maintain compliance, Carousel will continue to make investments in this area to ensure the highest level of security and compliance and build and maintain trust with our customers.”

More news from Security Sales: Total Tech Summit Attendees Could Earn $250 for Their Social Media Prowess

Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series