Devo Technology Successfully Completes Type II SOC 2® Examination

CAMBRIDGE, Mass., July 18, 2019 – Devo Technology, the data analytics platform that unlocks the full value of machine data for the world’s most instrumented enterprises, today announced that it has successfully completed a System and Organization Controls (SOC) 2® Type II Audit examination for the Devo Data Analytics Platform. The SOC 2® Type II examination was completed by Skoda Minotti, a leading risk advisory and compliance firm. 

Skoda Minotti’s testing of Devo’s controls included examination of their policies and procedures regarding network connectivity, firewall configurations, systems development life cycle, computer operations, logical access, data transmission, backup and disaster recovery, and other critical operational areas of their business. Upon completion of the audit, Devo received a Service Auditor’s Report with an unqualified opinion demonstrating that their platform and supporting policies, procedures, and infrastructure meet or exceed the stringent SOC 2® Type II criteria.

“Devo is purpose-built for modern security operations; it’s in our DNA to ensure our customers’ sensitive, valuable data is protected,” said Pedro Castillo, Founder and CTO, Devo. “The successful completion of our SOC 2® Type II examination provides Devo’s customers with a signal of our deep and continuous commitment to data security and the assurance that the controls and safeguards we employ to protect and secure their data are in line with industry standards and best practices.” 

Ben Osbrach, CISSP, CISA, QSA, CICP, CCSFP, partner-in-charge of Skoda Minotti’s risk advisory group said, “We were excited to continue our audit relationship with Devo on the completion of their 2019 SOC 2® Type II. Devo strives for improvement in their controls year over year; taking their responsibility for maintaining a well-controlled and secured environment seriously.”

SOC 2® Type II engagements are performed in accordance with the American Institute of Certified Public Accountants’ (AICPA) AT-C 205, Reporting on Controls at a Service Organization and based on the trust service principles outlined in the AICPA Guide, Reporting on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy. The SOC 2® Type II report is performed by an independent auditing firm and is intended to provide an understanding of the service organization’s suitability of the design and operating effectiveness of its internal controls. A service organization may select any or all of the trust service principles applicable to their business and Devo chose to report on security, availability, and confidentiality. The successful completion of this voluntary engagement illustrates Devo’s ongoing commitment to create and maintain a secure operating environment for their clients’ confidential data.

About Devo

Devo unlocks the full value of machine data for the world’s most instrumented enterprises, putting more data to work now. Only the Devo Data Analytics Platform addresses both the explosion in volume of machine data and the new, crushing demands of algorithms and automation, enabling IT operations and security teams to realize the full transformational promise of machine data to move the business forward. Devo is a privately held company based in Cambridge, MA and is backed by Insight Partners. Visit www.devo.com to learn more.

About Skoda Minotti

Skoda Minotti is a Certified Public Accounting Firm based in Cleveland, OH offering a variety of tax, finance, and business advisory services in virtually every area of business. The Risk Advisory practice specializes in SOC Reporting, PCI DSS Compliance, HIPAA Compliance and HITRUST validation, FISMA, NIST, ISO 27001, Vulnerability and Penetration Testing, and other regulatory information security assessments. Staffs in Skoda Minotti’s Risk Advisory hold several industry certifications including Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Qualified Security Assessor (QSA), GIAC Penetration Tester (GPEN), and GIAC Web Application Penetration Tester (GWAPT). For more information about Skoda Minotti’s Risk Advisory Services, please visit skodaminotti.com/risk.