2023-01-25 Agora Data Attains SOC 2 Compliance Certification, Also Meets FTC Safeguards Rule for Protecting Customer Information
Accreditation Offers Additional Certainty to Agora Data’s Information Security Practices
ARLINGTON, TX, January 24, 2023 – Agora Data, Inc., received a compliance certification with the American Institute of Certified Public Accountants (AICPA’s) System and Organization Controls (SOC) 2. Agora Data’s SOC 2 Type II standard for information security was certified by an independent, trusted third party CPA firm on January 13, 2023.
The SOC 2 compliance certification is an industry-recognized designation that further reinforces Agora Data’s ongoing commitment to automotive dealer customers, vendors, partners, and personnel connected to Agora Data’s systems. Agora Data met the rigorous and high industry standards set by the AICPA for information security to receive the SOC 2 Type II designation.
“Agora Data has always prioritized the importance of protecting customer information. The SOC 2 certification is an industry gold standard for security for technology companies that work with sensitive information,” said Chad Stilwell, Chief Technology Officer, Agora Data. “This accomplishment further validates the security measures we’ve already put in place to protect our infrastructure and is one of many best-in-class initiatives the company has implemented to optimize business security and performance for all stakeholders.”
SOC 2 is an auditing measure that ensures service providers securely manage user data and requires a clean audit to receive certification. Compliance of SOC 2 Type II covers multiple categories for operational effectiveness including:
Information and systems are protected against unauthorized access, unauthorized disclosure of information, and damage to systems that could compromise the availability, processing integrity, confidentiality, and privacy of information or systems and affect the entity’s ability to achieve its objectives.
Audit controls are in place such as system and security monitoring, employee onboarding and termination processes, background check on all employees, data encryption in transit and at rest, multi-factor authentication, segregation of duties, and ongoing risk assessments.
Agora Data’s SOC 2 compliance goes beyond the requirements of the Gramm-Leach-Bliley Act, a congressional law known as the Safeguards Rule overseen by the Federal Trade Commission (FTC). The Safeguards Rule requires financial institutions – companies that offer financial products or services like loans, financial or investment advice, or insurance – to explain their information-sharing practices to safeguard sensitive data, including personally identifiable information.
Under the 2021 amendment to the Act, or Safeguards Rule, U.S. auto dealers are required to undertake a series of procedural, technical, and contractual steps to protect customer and other personal data. The requirements must be in place by June 9, 2023.
Information to help auto dealers understand their obligations under the Safeguards Rule can be found on the National Automotive Dealers Association website at this link.
Agora Data is a fintech company transforming automotive financing for U.S. auto dealers offering in-house financing for non-prime customers. The company provides auto dealers with access to ample, affordable capital with precision loan performance data and analytics.