Customer and user privacy have always been one of our top priorities here at Highway Benefits. When Mick and Cory started Highway two years ago, they knew that they wanted to build with users’ security and privacy in mind and, from my own personal experience, I agreed. In my past roles, I've spent significant focus on maintaining customer and payment privacy to ensure we never violate a customer’s trust.
I've been a victim in large scale data breaches and know that it impacts everyone affected. From signing up for identity protection to canceling credit cards; it’s not an easy process, either. Having experienced it on my own, I know I never want customers of our product to have to worry about anything involving their security and privacy. This is why we made it a foundational principle for the engineering team.
After I joined the team, we unanimously made SOC 2 Certification one of our first priorities as a business.
SOC 2 is a voluntary compliance standard created by the American Institute of CPAs (AICPA). The standard specifies how service organizations should manage customer data such that they fulfill the Trust Services Criteria governing data security, availability, processing integrity, confidentiality, and privacy.
Companies that are SOC 2 Certified have completed an audit process and received a SOC 2 report which certifies that the company successfully meets the standards of the Trust Services Criteria.
As a lean team, making SOC 2 one of our first priorities was certainly a risk–the certification process can be long and costly for an early stage venture–but because we knew we wanted to build the product and business with a core focus on privacy and security, we decided undergoing a SOC 2 audit sooner rather than later was the right choice for Highway Benefits.
At the beginning of the year, we kicked off the audit process, and partnered with the team at Vanta, the leader in continuous compliance monitoring, to automate the collection of our audit evidence.
For the past 6 months, we’ve refined and stress-tested our incident response protocols; we’ve ensured all our systems have the right security measures in place and adhere to best practices in data protection; we’ve vetted and trained existing and new team members alike on how to manage privacy and security properly at Highway.
It was a full team effort and today, we’re pleased to be able to say that we’re officially SOC 2 Certified!
Officially receiving our SOC 2 Type 2 report is a huge win for Highway that demonstrates our serious commitment to our customers’ and users’ privacy and security.
Our customers can find peace of mind in knowing that our team here at Highway Benefits is taking every measure to safeguard your and your employees’ data.
Since our platform handles student loan information, financial data, and sensitive personal information, we make sure to use best in class practices to protect user data.
Some of the steps we take to protect your information include:
Obtaining our SOC 2 Certification was just the start. As Highway Benefits continues to scale, we will continue to monitor our company to make sure we have the right software, systems, and protocols in place to protect our users’ privacy and security and maintain our compliance status. We’ve committed to renewing our SOC 2 Certification annually and are investing in continual auditing to ensure round the clock compliance.
To learn more about our security practices, speak with a member of our team today.