Connect with us

Hi, what are you looking for?

HEADLINES

Kaspersky renews SOC 2 audit by Big Four firm

Kaspersky has once again completed a Service Organization Control for Service Organizations (SOC 2) Type 1 audit, conducted by an international Big Four accounting firm. The independent assessment reaffirmed that the development and release process of Kaspersky’s antivirus bases are protected against unauthorized changes by security controls. 

Committed to the highest security principles, Kaspersky has once again completed a Service Organization Control for Service Organizations (SOC 2) Type 1 audit, conducted by an international Big Four accounting firm. The independent assessment reaffirmed that the development and release process of Kaspersky’s antivirus bases are protected against unauthorized changes by security controls. 

Developed by the American Institute of Certified Public Accountants (AICPA), the Service Organization Controls (SOC) Reporting Framework is a globally recognized report that confirms that the organization’s security controls are in conformity with AICPA’s Trust Services Criteria (TSC), namely security, availability, processing integrity, confidentiality and privacy. Kaspersky first completed the SOC 2 Type 1 examination in 2019 as part of the company’s Global Transparency Initiative (GTI).

The reassessment, launched in late January 2022, was successfully completed in late April. During the examination, Big Four auditors among other things scrutinized the company’s policies and procedures related to the development and release of antivirus (AV) bases, the network and physical security of the infrastructure involved in this process and the monitoring tools used by the Kaspersky team. The examination also covered how the company communicates the terms and conditions of the AV bases release process to its employees and users and customers.

As a result of the audit, it was concluded that Kaspersky’s internal controls for protecting the development and release process of antivirus bases for Windows and Unix OS systems are suitably designed to meet all five trust categories covered by the TSC. The scope of the current audit has been expanded compared to the 2019 assessment, as Kaspersky has since introduced new security tools and controls. The full report can be provided to our customers upon request.

“We are proud to once again reaffirm the integrity and security of our engineering practices delivering high-class cybersecurity solutions. The security and trust of our customers and partners are a key priority for us. This new independent assessment provides the necessary assurance and verifies the trustworthiness of the solutions and services we offer. The SOC 2 assessment gives a rigorous and, at the same time, useful description of our safeguards to customers and partners about how Kaspersky’s AV bases are developed and distributed. The report is a confirmation of Kaspersky’s commitment to proactively protecting its infrastructure and guaranteeing the security of its customers and partners,” comments Anton Ivanov, Chief Technology Officer at Kaspersky.

Advertisement. Scroll to continue reading.

The renewal of the SOC 2 Type 1 report falls within a broader range of activities that are part of Kaspersky’s GTI, demonstrating the company’s ongoing commitment to accountability. Kaspersky is among the first in the industry to start operating Transparency Centers, in which the company’s stakeholders can review Kaspersky’s source code, software updates and threat detection rules. It regularly seeks independent third-party assessments of the company’s engineering practices, data services and compliance with existing industry standards. Earlier this year, the company renewed its ISO 27001 certification, an internationally recognized applicable security standard, which was issued by independent certification body TÜV AUSTRIA. 

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

White Papers

Statistics from Kaspersky Security Network (KSN) revealed that phishing attempts in the Philippines is higher than in Indonesia (65.90%), Singapore (55.67%), Thailand (55.63%),  Malaysia...

White Papers

Intruder dwell time was longer in smaller organizations’ environments. Attackers lingered for approximately 51 days in organizations with up to 250 employees, while they...

HEADLINES

The PLDT group’s latest clampdown on ‘smishing’ has expanded earlier efforts to prevent these harmful messages from reaching customers. From January to May this...

White Papers

Data from Kaspersky showed the detected attempts to attack Filipino mobile users plunged to 55,617 or 49% in 2020 compared to 110,128 in 2019.

HEADLINES

Today endpoint security is an integral part of an organization’s cyber defense infrastructure, which shares threat intelligence feeds and policy controls with all other...

HEADLINES

Tonik has selected the Noname API Security Platform to ensure that its digital efforts, which have accelerated during the pandemic, incorporate robust cybersecurity measures that...

HEADLINES

Talking about cybersecurity is talking about technology. However, it is increasingly common to study cyber risk as part of an interdisciplinary approach. After all,...

HEADLINES

A new Kaspersky Safe Kids study has revealed the most viewed children’s interests between March and May 2022.

Advertisement