Is ReReady SOC 2 compliant?

Yes, ReReady is SOC 2 compliant (certification pending).

We enforce all five Trust Services Criteria (TSC) as follows:

• Security (required)
  • Firewalls
  • Intrusion detection
  • Two-factor authentication (required for our employees)
• Availability
  • Performance monitoring
  • Disaster recovery
  • Security incident handling
• Processing integrity
  • Data validation
  • Processing monitoring
  • Quality assurance
• Confidentiality
  • Authentication
  • Authorization
  • Encryption (in transit and at rest)
  • Data retention policy
• Privacy
  • Access controls
  • Two-factor authentication
  • Encryption

We have established policies for:

1. Information Security Policy
2. Access Control Policy
3. Password Policy
4. Change Management Policy
5. Risk Assessment and Mitigation Policy
6. Incident Response Policy
7. Logging and Monitoring Policy
8. Vendor Management Policy
9. Data Classification Policy
10. Acceptable User Policy
11. Information, Software and System Policy
12. Business Continuity and Disaster Recovery