Blumira achieves service organization control (SOC) 2 Type 2 Certification

Oct. 13, 2022
Certification underscores Blumira's commitment to upholding highest standards of customer data privacy

ANN ARBOR, Mich., Oct. 12, 2022 /PRNewswire/ -- Blumira, a leading cybersecurity provider of automated threat detection and response technology, today announced it is officially SOC 2 Type 2 certified following the successful completion of its Type 2 examination. Blumira's cloud security information and event management (SIEM) help organizations of all sizes with limited security resources detect and respond to cybersecurity threats faster to stop ransomware and breaches.

To achieve this critical third-party assessment, Blumira underwent a rigorous independent audit performed by certified public accountant (CPA) firm ByteChek Assurance to ensure that Blumira's security protocols and use of data meet the strict data security requirements established by the American Institute of CPAs (AICPA). SOC 2 is a reporting framework for service organizations, developed by the AICPA, that specifies how organizations should manage customer data, based on the following Trust Services Criteria: security, availability, processing integrity, confidentiality, and privacy. This certification builds on Blumira completing its SOC 2 Type 1 examination in October 2021.

"We are proud to achieve SOC 2 Type 2 compliance," said Matt Warner, CTO and Co-Founder of Blumira. "Our team is dedicated to preserving the security and integrity of our customer's data. Successfully completing the SOC 2 examination shows our customers, partners, and the market at large the importance we place on security and building a cybersecurity product that customers can trust. As new compliance standards emerge and regulations become more strict, this is becoming increasingly important."

Blumira's SOC 2 Type 2 report provides detailed information and assurance about the security, availability, and integrity of the systems used to process users' data, and the confidentiality and privacy of the information those systems process. These reports help customers, MSPs, and partners assess Blumira's systems and the suitability of the design of the company's controls, as they can gain insight into Blumira's security processes, internal governance and risk management processes, and regulatory oversight.

Commitment to compliance

Blumira is committed to security, reliability, and compliance within its internal organization, and Blumira's team is committed to helping customers and partners understand and achieve compliance regulations quickly and easily. Blumira's platform helps organizations meet compliance, such as the updated Federal Trade Commission (FTC) Safeguards Rule. Business and IT leaders must prioritize implementing solutions and processes to meet these new requirements, with the impending deadline of December 9, 2022. 

Blumira's platform helps companies meet additional compliance requirements, including Cybersecurity Maturity Model Certification (CMMC), National Institute of Standards in Technology (NIST), Payment Card Industry Data Security Standard (PCI DSS), HIPAA, Federal Financial Institutions Examination Council (FFIEC), Center for Internet Security (CIS), and more by providing:

  • At least one year of log data retention
  • Audit trails, with data encrypted at rest and in transit
  • Monitoring of unauthorized activity, with fast detection (under a minute for real-time detections) and response

Customers recognize and value Blumira's ability to help them meet compliance controls, save time on security tasks, focus on real threats, and protect against breaches. Blumira customer Mike Morrow, Technical Infrastructure Manager for Ottawa County, said, "We're required by CJIS and IRS Pub 1075 compliance to review our logs daily. Blumira has saved us time because we can't monitor all of our logs–we would need a team of 100 to go through all of these logs manually."

Going Beyond Compliance

Blumira's cloud-based SIEM platform combines logging with automated detection and response for better security outcomes and consolidated security spend. The platform includes threat intelligence feeds, threat hunting, continuously updated detection rules, honeypots, both automated and guided playbooks for response, and at least one year of data retention with quick access to reports needed to meet compliance requirements.

Blumira can help organizations without dedicated security teams or expertise meet compliance regulations, streamline security, focus on real threats, and protect against breaches.

Learn more about Blumira's commitment to security and reliability, as well as the different compliance regulatory controls and requirements that Blumira's platform helps customers from all different industries meet for logging, detection, response, audit trails, and much more.

For more information on Blumira, please visit https://www.blumira.com/.

About Blumira

Blumira's mission is to help SMBs and mid-market companies detect and respond to cybersecurity threats faster to stop breaches and ransomware. Blumira's all-in-one SIEM platform combines logging with automated detection and response for better security outcomes and consolidated security spend. Blumira was recognized by G2 as a Momentum leader, ranked as 'Best Support,' 'Fastest Implementation,' and 'Easiest to Use' in the G2 Fall 2022 Grid® Reports. Meet compliance controls, save time on security tasks, focus on real threats and protect against a breach faster than ever with Blumira.