Security Certification Demonstrates Commitment to Data Security and Privacy
Rosslyn, VA, June 21, 2023 – Shift5, the onboard data company, today announced it has attained SOC 2 Type II certification. The attestation with an unqualified opinion comes from independent CPA firm Linford & Co LLP. The rigorous and extensive evaluation process certifies the company’s ability to uphold and manage its customers’ data, maintain system availability, process information accurately, and uphold strict confidentiality and privacy principles to the highest standards.
Developed by the American Institute of CPAs (AICPA), the SOC 2 framework is based on five trust services criteria: security, availability, processing integrity, confidentiality, and privacy. Certification is granted to organizations that demonstrate implementation of controls and procedures to safeguard customer data. The ability to meet the criteria required to earn SOC 2 Type II certification was based on an evaluation of various Shift5 policies and practices:
-
Infrastructure: the company’s production environment, including physical and hardware components.
-
Software: the SaaS programs and operating software implemented by the company.
-
People: the personnel involved directly in the operation and use of systems involving customer data, and their related responsibilities.
-
Data: access, storage, and security controls surrounding customer data in the company’s system.
-
Processes and Procedures: the procedures involved in the operation of the company’s system as well as its policies regarding customer communications.
“Shift5 provides observability into onboard Operational Technology (OT) data from the most critical industries supporting U.S. national defense and transportation. Demonstrating our commitment to secure and effective stewardship of such data is table stakes,” affirmed Egon Rinderer, CTO, Shift5. “We’re pleased to share Shift5’s success in our SOC 2 Type II report, and we look forward to future certifications validating our commitment to customer data security over time.”
Issued in May 2023, Shift5’s SOC 2 Type II report was based on an audit of the company’s internal control policies and practices from October 1, 2022 to March 31, 2023. This accomplishment comes on the heels of Shift5’s first cross-platform Authority to Operate (ATO) Certification from the U.S. Department of Defense (DoD), which substantiated the resilience and security of Shift5’s technology for the warfighter. Such ongoing efforts demonstrate the company’s continued focus on enhancing its security measures, adapting to evolving threats, and maintaining compliance with industry standards.
About Shift5
Shift5 is the onboard data company. Created by officers who stood up U.S. Army Cyber Command and pioneered modern weapons system cyber assessments, Shift5 defends commercial transportation systems and military platforms against operational failures and OT cybersecurity risks. Household name aviation companies, U.S. railroads, and fleets within the U.S. military rely on Shift5 to maintain the readiness and availability of today’s fleets and tomorrow’s next-generation assets. For more information, visit https://shift5.io.
Media Contact:
Katie Garagozzo
katie@shift5.io
Shift5, Inc.