We are excited to announce that Opaque Systems has received the Service Organization Control (SOC) 2 Type 2 compliance certification for our Confidential AI and Analytics platform. This certification provides our customers with the assurance that our platform is securing data according to best practices. We have undergone SOC 2 examination resulting in an audit report stating that management of Opaque Systems maintained effective controls over the security, confidentiality, and privacy of our platform.
We view this certification as confirmation of our hard work to create a platform that successfully allows multi-party, collaborative analytics on encrypted data. Today, there is a growing need to protect sensitive data throughout its lifecycle – from data at rest to data in use and during analysis. Traditional encryption solutions are now rendered insufficient as they only protect data at rest and in transit. Protecting, processing, and analyzing data-in-use within Trusted Execution Environments (TEEs) is the new standard for secure data collaboration however TEEs have historically been challenging to use due to the lack of tools available that enable data sharing and collaborative analytics, and the highly specialized skills needed to work with data encrypted in TEEs.
Our platform overcomes these challenges by providing data scientists with a multi-party confidential analytics and AI solution that makes it possible to run frictionless analytics on encrypted data within TEEs. It enables secure data sharing and enables multiple parties to perform collaborative analytics while ensuring each party only has access to the data they own. Our platform has the ability to accelerate Confidential Computing use cases that are critical to solving the world’s most complex problems across industries such as manufacturing and logistics, financial services, healthcare, retail, telecom and public sector.
Specifically, our platform has been deemed compliant to the following principles and related criteria, developed by the American Institute of CPAs (AICPA) for use by practitioners in the performance of trust services engagements:
- Security: Our platform is protected against unauthorized access (both physical and logical).
- Confidentiality: Information designated as confidential is protected as committed or agreed.
- Privacy: Personal information is collected, used, retained, disclosed, and disposed of to meet the entity’s objectives.
The SOC 2 report is designed to meet the needs of existing or potential customers who need assurance about the effectiveness of controls used by the service organization to process customers’ information, as performed by BARR Advisory, P.A.