Blog

As a marketing agency serving mainly the health care and financial industries, we’re dedicated to providing our clients with the best possible service while ensuring the utmost security and privacy of their data. That’s why we’re proud to have just completed our 10th consecutive year of SOC 2 Type II certification, after initially obtaining a SOC 2 Type I in 2012.

SOC 2 Type II: What is it?

SOC 2 Type II is an industry-standard certification that verifies a company’s ability to safeguard customer data and maintain a secure and reliable IT infrastructure. It demonstrates that a company has implemented comprehensive controls and procedures to ensure the security, availability, and confidentiality of its customers’ data.

Our commitment: why it should matter

We understand that our clients’ data is one of their most valuable assets, and we take the responsibility of safeguarding that data seriously. This certification ensures that we have the appropriate controls and procedures in place to protect our clients’ data from unauthorized access, use, or disclosure … and there are more steps involved than you might imagine:

• Employees are vetted and properly trained
• Regulatory compliance
• Risk is assessed and managed
• Strong vendor management, ensuring our vendors and partners are held to our same high standards
• Incident response planning
• Plans and processes for both disaster recovery and business continuity are developed and practiced
• Facility and system access control based on need/role

Our commitment to SOC 2 Type II is not just about compliance — it’s about maintaining our clients’ trust and confidence in our ability to keep their data protected. By working with us, our clients can be confident that their data is being handled with the utmost care and security.

The auditing process: how we ensure our clients’ security

The SOC 2 Type II certification process involves a rigorous audit of our security controls and procedures by the American Institute of Certified Public Accountants (AICPA). The auditor evaluates our systems and processes to ensure they meet the standards set forth in the SOC 2 Type II framework. We undergo this audit annually to ensure that we continue to meet the highest standards of security and compliance. This means that our clients can trust that we are constantly monitoring and improving our security measures to stay ahead of potential threats.

We undergo this audit annually to ensure that we continue to meet the highest standards of security and compliance.

But we don’t stop at annual audits. New criteria require constant vigilance to comply. That’s why DMW adheres to a continual improvement process for SOC 2 Type II throughout the year. We’re constantly evaluating client security requirements, assessing the impact of any changes, and then planning and implementing updates to ensure full compliance.

In short, we don’t want the AICPA to sock it to us. We want to be fully ready to crush it when that annual audit rolls around.

Hopefully, that badge on our website will make a little more sense now

When you go to our website and see this certification badge among our other affiliations, you’ll know we’re committed to providing our clients with the highest level of service while ensuring only the most stringent data security. You won’t find many other agencies displaying it, but we work hard for that badge every year, for 10 years running (way before it was trendy). We’re proud of it, and proud of our commitment to you.

But our SOC 2 Type II certification is just one of the many ways we demonstrate a deep commitment to our clients. Talk with DMW and find out how serious we are about bold, innovative thinking, and getting you the best possible ROI for your next engagement.