SAN DIEGO, CALIF., July 9, 2024 – FMG, an industry-leading SaaS company specializing in marketing software and services for financial advisors and insurance agents, is proud to announce it has received its Service Organization Controls (SOC) 2 Type 1 certification, taking a major step forward in its data and system security. cybersecurity.
SOC 2 certification validates a company’s cybersecurity controls at a specific point in time, with the critical purpose of:
- Confirming the adequacy of policies, procedures, and controls to protect the integrity of Company and Customer data.
- Assessing the design and sufficiency of related systems, tools, and strategies to support such policies and procedures.
- Controling and optimizing data privacy and security efforts while identifying opportunities for enhancement and improvement in any of these areas.
To receive certification, service organizations must be in compliance with all SOC 2 trust principles relevant to their organization. The SOC 2 trust principles include:
- Security: This principle ensures the protection of system resources against unauthorized access, use, disclosure, disruption, modification, or destruction. It covers measures to prevent data breaches, cyberattacks, and other security incidents.
- Availability: This principle focuses on ensuring that systems, applications, and data are accessible to authorized users when needed. It involves measures to ensure system uptime, disaster recovery plans, and business continuity strategies.
- Processing Integrity: This principle safeguards the accuracy, completeness, and timeliness of data during processing, storage, and transmission. It ensures that data is not altered or manipulated in an unauthorized way.
- Confidentiality: This principle focuses on protecting the confidentiality of sensitive client information. It involves measures to restrict access to data only to authorized personnel and prevent unauthorized disclosure.
- Privacy: This principle focuses on protecting the privacy of client data and adhering to relevant data privacy regulations. It involves measures to manage and control the collection, use, disclosure, and disposal of personal information.
“Over the course of the past twelve months, FMG has updated its IS policies and processes and enhanced a number of key internal controls governing data security,” said Dave Christensen, FMG’s Chief Product and Technology Officer. “After a rigorous audit of all these elements, we are pleased to have received a Type 1 report validating those efforts.”
Many firms now require SOC 2 certification as a threshold for doing business. Given this ever-increasing demand for air-tight Information Security in the cloud-based digital marketing space FMG occupies, FMG’s SOC 2 Type 1 certification marks a significant step forward in its evolution as an industry-leading digital marketing powerhouse.
“Certification provides reassurance to existing customers that their sensitive business data is safe with us,” said Susan Theder, FMG’s Chief Marketing and Experience Officer. “Plus, it gives potential customers the confidence necessary to do business with us, expanding our list of potential enterprise partners.”
In addition, FMG is on pace to achieve Type 2 certification imminently and views its Type 1 certification as not only validation of its InfoSec controls but a strong sign of ongoing data security rigor, which is of paramount importance to the heavily regulated and cybersecurity-conscious financial services and insurance industries.
About FMG
Founded in 2011, FMG is a SaaS company specializing in all-in-one marketing software and services for the wealth management industry and serves more than 40,000 financial advisors and insurance agents. FMG provides websites, email and social media tools, multimedia content, and more, with the goal of making it easy for users to build their brands, stay in touch with clients, and grow their businesses. FMG has relationships with the leading independent broker-dealer networks and integrations with several widely used wealthtech platforms.
About SOC 2
Defined by The American Institute of Certified Public Accountants (AICPA), a System and Organization Controls (SOC 2) examination is a report on controls at a service organization relevant to security, availability, processing integrity, confidentiality, or privacy. SOC 2 reports are intended to meet the needs of a broad range of users that need detailed information and assurance about the controls at a service organization relevant to security, availability, and processing integrity of the systems the service organization uses to process users’ data and the confidentiality and privacy of the information processed by these systems.
