What SOC 2 Type II Certification Means for Our Customers, a Q&A with LocaliQ SVP of Tech Raj Sudra 

With over 90% of the US population actively using the internet, data security has become an increasingly important topic. People want to know how businesses are collecting, storing, and using their data—and who has access to it.

That’s where Service Organization Controls (SOC) 2 Type II certification comes in. It’s the gold standard when it comes to data security, and we’re excited to announce that LocaliQ has successfully achieved this certification.

The certification raises the bar on security and trust for our current and future partners and customers.

To further understand what SOC 2 Type II certification is and why it’s so important, we talked with Raj Sudra, Senior Vice President of Technology & Engineering for Digital Marketing Solutions at Gannett.

Can you tell us a little bit about SOC 2 Type II and what the certification process looks like?

SOC 2 Type II is a framework that outlines how a business should manage, secure, and operate related sensitive data.

The framework helps align all our IT data security, compliance, and privacy policies and procedures to safeguard our customers and our operational data.

The SOC 2 Type II certification involved meeting the criteria designed by the American Institute of Certified Public Accountants. An external auditor was brought in to assess our data collection and handling policies and ensure all LocaliQ Digital Marketing Solutions technology teams are aligned and following the rules and regulations we put in place.

What made our team start the process for SOC 2 Type II certification?

In my opinion, digital advertising is all about data. And one of the key themes across this ecosystem is data privacy and new regulatory compliance. Overall, there is a lot of scrutiny from a regulation perspective into how organizations are collecting and handling data, and people are questioning their own data privacy.

It became very evident that we needed to undertake this industry standard certification to meet our customers’ growing data privacy and compliance needs.

This certification validates our commitment to customer security and privacy with the highest of standards, which is especially crucial to our many customers in regulated industries including healthcare where HIPAA rules are critical.

What does a company need to get SOC 2 Type II certification?

There’s a rigorous checklist of requirements an organization must meet to obtain SOC 2 Type II certification. These can be broken down by five key criteria—security, availability, processing integrity, confidentiality, and privacy.

This isn’t a short process—it took about 16 months to work through the various phases, but it was important to make sure we’re delivering the best experience for our customers and giving them the confidence that we’re prioritizing their data privacy.

How does our SOC 2 Type II certification benefit our customers?

In a nutshell, I would say it gives our customers confidence that LocaliQ is managing and handling their data in a secure, safe, and compliant way as certified by an external auditing body.

They can trust that their data is protected to the highest standards.

Prioritizing data security with SOC 2 Type II

We’re excited that this certification solidifies our dedication to data security and allows LocaliQ to expand our partnerships with new customers who seek to only work with certified marketing technology companies.

Thanks to Raj for his insight and expertise! You can learn more about SOC 2 Type II certification here.