SOC 2 Type II: Why Betterview is Holding Itself to the Highest Information Security Standards
At Betterview, we believe that being “Enterprise Grade” is not just a tag-line. Our mission is to satisfy the unique needs of P&C insurance carriers.
2 min read
Armin Monajemi : Nov 21, 2019 8:03:51 PM
Betterview, which is quickly becoming the platform essential to every transaction around buildings and properties, today announced its cloud-based property risk management platform successfully completed its System and Organization Controls 2 (SOC) I and II attestation reports without any exceptions. This attestation demonstrates Betterview’s commitment to its growing customer base that its system is designed to keep sensitive P&C carrier data safe and secure.
“P&C carriers are not only evaluating cloud software solutions like Betterview based on their features and functionality, but also on how well they are securing their data,” said David Lyman, CEO & Co-Founder, Betterview. “We felt that the best way to be able to prove that Betterview meets the stringent security requirements of our customers was through SOC 2. It was a significant investment of effort and money over two years to get where we are today, but it is critical given that we are working with insurance carriers that are only able to work with vendors that can prove that they are secure. It also represents a way for Betterview to stand out from the pack. We do not see our competitors or other InsurTech startups investing in security like we are.”
Developed by the American Institute of Certified Public Accountants (AICPA), the SOC 2 Type I and SOC 2 Type II attestations require companies to establish and adhere to strict information security policies and procedures for their cloud-based solutions. Companies that attain a SOC 2 Type I attestation have been audited by an independent CPA firm to prove that an organization has a documented set of processes and controls in place. In order to achieve a SOC 2 Type II attestation, an independent CPA firm must conclude that the controls in place are not only suitably designed but are operating effectively over a 6 to 12 month time period.
“We believe a SOC 2 Type II attestation is considered the gold standard when it comes to data security. This attestation is an important milestone for Betterview because it demonstrates that not only are we committed to growing our company through product development, but we also prioritize security by adhering to the stringent standards of the AICPA SOC 2 requirements,” said Jason Janofsky, VP of Engineering, Betterview. “With our SOC 2, Type II attestation, we can now provide peace of mind to our users that our cloud-based property risk management platform has controls in place to operate effectively and to ensure secure processing of P&C carrier data.”
To obtain its SOC 2 Type II attestation, Betterview first had to obtain SOC 2 Type I attestation in 2018. Betterview was then audited for an 8 month period in 2019 by Mayer Hoffman McCann P.C., who evaluated and tested Betterview’s internal operational controls relative to the AICPA’s SOC 2 Security attestation requirements. Upon completion, Betterview demonstrated its commitment to security by following a rigorous set of security control procedures.
“In order to successfully obtain our SOC 2 Type I and SOC 2 Type II attestations, we had to invest significant time, effort, and money to prove we had the proper documentation and procedures in place and, relative to the Type II attestation, that our controls were operating effectively throughout the entire audit period. It has been a multi-year process to get here. These attestations demonstrate our commitment to managing our customer data in a safe and secure environment,” added Lyman.
“I am extremely proud of our team and what they have accomplished. Growing up in the loss control industry and having worked with P&C carriers my entire life, it’s vital for insurance carriers to know that when they engage with a third-party vendor that protocols are in place to ensure that their customer data will be kept safe and secure,” said Dave Tobias, COO & Co-Founder, Betterview. “By successfully completing our SOC 2, Type II attestation, we can now help P&C carriers adopt and implement our technology much quicker by answering vital questions around cloud security and the safety of their customers’ information,” said Tobias.
Betterview customers, partners, and prospects may request a copy of Betterview’s SOC 2 attestation report under an NDA through their account rep.
At Betterview, we believe that being “Enterprise Grade” is not just a tag-line. Our mission is to satisfy the unique needs of P&C insurance carriers.
“Betterview’s Guidewire PolicyCenterTM integration enables P&C underwriters to easily access Betterview’s property data and mitigate risk directly in...
In case you missed it in the news, we wanted to provide a quick recap on Plug and Play Ventures’ recent investment in Betterview (full press release).