Your company’s design IP is the lifeblood of your company and gives you a competitive edge, so protecting that information is a priority. Keeping critical information confidential and secure is a challenge for every organization, in part because there’s no single, professional standard for assessing cybersecurity. Not only that, information security, or infosec, is a game of cat and mouse that never stops evolving. Design IP is incredibly valuable, and digital thieves are constantly developing new ways to circumvent security measures. It’s difficult to maintain robust and effective cybersecurity.
The American Institute of Certified Public Accountants (AICPA) developed a cybersecurity risk management reporting framework, called SOC 2, to solve that problem. AICPA’s system and organizational control (SOC) reporting is meant to help build effective information security into organizations of any size across all industries.
What is SOC 2?
At a high level, the SOC 2 compliance framework is designed to identify a company’s systems, processes, and controls that they put in place to detect, prevent and respond to data breaches. There are two types of SOC 2 audits. SOC 2 Type 1 audits evaluate the design of an information security system and its components. A SOC 2 Type 2 audit evaluates both the design of an infosec framework and its operating effectiveness. Both types of audits can be performed by CPAs who do security consulting.
Along with the auditing framework, the AICPA created standards around best practices to make it easy for companies to implement strong security measures. Once those measures are put in place, the auditing process ensures that the measures are sufficient and functional to keep customer and partner data safe and secure.
How Fictiv Protects Your Design IP
Fictiv knows how critical information security is in a digital manufacturing environment, especially when working with high-value design IP.
That is why we are proud to share that Fictiv’s physical security, information systems security, employee processes and policies, and our manufacturing partner protocols have been independently assessed as compliant with SSAE18 SOC 2 standards by an AICPA approved third party auditor.
Advanced IP Protection with Secure+
Additionally, our Secure+ offering, available through the Fictiv Enterprise plan, takes IP protection to the next level with advanced security protocols.
Here’s how it works:
Secure+ orders are exclusively matched with partners in our network that meet the highest security standards and are themselves independently audited and compliant with ISO 27001, SSAE18 SOC 2, or NIST security standards. Fictiv also performs due diligence on each of them — including annual on-site inspections — before they become or remain a Secure+ partner.
Those partners offer access-controlled rooms with video surveillance on entrances and exits where parts are produced, and only select, authenticated users whose actions are logged can access design data. Additionally, we implement personal device controls in manufacturing facilities and retain IP data for a max of 15 days after orders are complete to maintain information security.
Fictiv-issued devices that have neither internet connection nor removable memory cards are used for documenting inspections, and design IP information is only transferred over secured, audited channels. We implement strong authentication requirements on production systems, including multi-factor authentication, strong password protocols, and encryption. We also use cutting-edge application and physical network security, plus system monitoring with intrusion detection and prevention.
The Bottom Line
In short, our SOC 2 security compliance means that the Fictiv platform:
- Protects data from unauthorized access or disclosure of information
- Runs systems that perform their functions correctly
- Keeps confidential information confidential
Fictiv aims for elite-level security and confidentiality, and the SOC 2 compliance process is what helps us deliver both. Our customers can rest easy knowing that their design IP is safe within our secure Digital Manufacturing Ecosystem.
If you’re ready to join the future of manufacturing and learn more about how we keep your design IP secure, create an account with Fictiv today!