5
Min Read

Kaleido Achieves SOC 2 Type 2 Compliance

Steve Cerveny
Founder & CEO
February 26, 2021
Kaleido Achieves SOC 2 Type 2 Compliance
Update
Since this post was written, Hyperledger FireFly has reached 1.0. Learn more here!

Kaleido has received a report from the first SOC 2 Type 2 examination of controls for our SaaS platform.  The report attested to the effectiveness of our controls in accordance with the Trust Services Criteria for Security, Availability, and Confidentiality.

The examination was conducted by A-LIGN Assurance in accordance with the American Institute of Certified Public Accountants (AICPA) attestation standards and assurance standards issued by the International Auditing and Assurance Standards Board (ISAE 3000) so it can be relied on by both US and international customers.

Kaleido’s mission is to accelerate the adoption of enterprise blockchain. That means bringing radical simplicity to a technology that is notoriously difficult to use. It also means everything we do is enterprise grade.  We’ve been investing in security and compliance since day one.

SOC 2 Type 2 is a critically important set of standards often required by our enterprise customers in order to trust a SaaS provider. We’ve built Kaleido to serve enterprises with sensitive data and in regulated industries— and SOC 2 is the cornerstone for security compliance.

Our Control and Compliance Journey

Kaleido has been committed to enterprise-level security, availability, and confidentiality from the beginning--even before our public launch in 2018. Our compliance journey focused on adoption of widely-accepted standards and compliance frameworks so customers can be assured that protection of their data, and our system they rely on, is built on a solid foundation.

ISO 27001 Certification

The first major milestone on this journey was achieved in 2019 and certified soon after.  In January of 2020, Kaleido became a certified provider whose Information Security Management System (ISMS) received accreditation from the International Standards Organization under ISO 27001.  This also included controls from the ISO 27017 and 27018 frameworks for Cloud Computing Security and Protection of Personally Identifiable Information.

SOC 2 Trust Services

We then set sight on our next major milestone – SOC 2 compliance.  Kaleido considered each of the AICPA’s “points of focus” for Security, Availability, and Confidentiality and added controls to our existing ISMS in order to address the applicable Trust Services Criteria. 

After designing the new SOC 2 controls, we put them into effect and began looking forward to proof of reaching this milestone.  That proof came in December 2020 with completion of the SOC 2 Type 2 examination.

Kaleido chose a Type 2 examination and selected a six-month period so our customers can feel confident that we’ve not only published good policies, but we’ve made effective control over security, availability, and confidentiality an integral part of how we manage Kaleido every day.

Kaleido’s Security and Compliance Commitment 

Kaleido’s commitment to enterprise-level security, availability, and confidentiality is in our DNA and it’s driven by our desire to accelerate enterprise adoption of blockchain.  We want all our customers to feel secure in their selection of Kaleido.  

We also know many of our customers have their own vendor risk management controls that are most easily met when they partner with service providers having widely-recognized certifications and auditor attestations.  Kaleido’s largest, most security-conscious customers can rely on our commitment to security and compliance.

Our Journey Goes On

Kaleido’s control and compliance journey goes on and we regularly assess the ever-growing risks, frequently-changing regulations, and constantly-evolving best practices.  

As we strive for continuous improvement, we consider investments in other control frameworks and certifications that will be most meaningful to our customers.  These are the milestones on which Kaleido has set our sights.

Interested in Blockchain?

Start learning blockchain and creating enterprise solutions today with a free Kaleido account!

Create Free Account
Don't forget to share this article!
Interested in Blockchain?

Start learning blockchain and creating enterprise solutions today with a free Kaleido account!

Create Free Account

The Ultimate Enterprise Blockchain Glossary

Your guide to everything from asset tokenization to zero knowledge proofs

Download Now

Swift Utilizes Kaleido in New CBDC Sandbox

Learn how Swift, the world’s leading provider of secure financial messaging services, utilizes Kaleido in its CBDC Sandbox project.

Download Now

Related Posts

Exploring the Future of Money: Insights from the BIS Innovation Summit 2024

Exploring the Future of Money: Insights from the BIS Innovation Summit 2024

Marc Lewis
Managing Editor
SWIFT's Groundbreaking CBDC Experiments Pave the Way for Global Financial Innovation

Swift's Groundbreaking CBDC Experiments Pave the Way for Global Financial Innovation

Introducing Avalanche on Kaleido: Enterprise-Grade Nodes and Subnets

Introducing Avalanche on Kaleido: Enterprise-Grade Nodes and Subnets

Steve Cerveny
Founder & CEO

Blockchain made radically simple for the enterprise

No Credit Card Required
ISO27K & SOC2 Type 2 Compliant
Free Training & Support