By Marjorie Donaldson

By Marjorie Donaldson

Co-Founder and Technology Consultant at smartIT

We’re excited to announce that smartIT is actively pursuing SOC 2 compliance certification, demonstrating our unwavering commitment to data security and privacy

What is SOC 2 Certification?
SOC 2 (Service Organization Control 2) is a rigorous auditing process that verifies the effectiveness of an organization’s security controls and practices. It’s a benchmark for companies like smartIT that handle customer data and want to assure their clients that their information is treated with the highest level of care.

Why SOC 2 Matters to Prospect and Current Clients?
 Achieving SOC 2 certification means that we’re going the extra mile to secure your data. When you partner with smartIT, you can trust that your information is in safe hands. Here’s why SOC 2 certification is a game-changer:

  1. Enhanced Data Security: SOC 2 compliance demands robust data security measures. We’re implementing and maintaining strict controls to safeguard your data against unauthorized access, ensuring its confidentiality and integrity.

  2. Data Privacy: Your privacy is our priority. SOC 2 ensures that we adhere to the highest standards when it comes to handling and protecting sensitive information.

  3. Reliability: SOC 2 certification demonstrates our commitment to providing reliable services. You can count on us for consistent and secure data management.

  4. Competitive Advantage: By choosing smartIT, you’re choosing a partner that puts security first. With SOC 2 certification, we’re setting ourselves apart as a leader in data security and compliance.


Our Journey Towards Certification We’ve assembled a dedicated team of experts who are working tirelessly to meet the stringent requirements of SOC 2. From implementing robust security controls to documenting our processes, we’re leaving no stone unturned on our path to certification. 

Continuous Security Control Monitoring

smartIT uses Drata’s automation platform to continuously monitor 100+ internal security controls across the organization against the highest possible standards. Automated alerts and evidence collection allows smartIT to confidently prove its security and compliance posture any day of the year, while fostering a security-first mindset and culture of compliance across the organization.

Employee Trainings
Security is a company-wide endeavor. All employees complete an annual security training program and employ best practices when handling customer data. 

Penetration Test
smartIT works with industry leading security firms to perform annual network and application layer penetration tests.

Secure Software Development
smartIT utilizes a variety of manual and automatic data security and vulnerability checks throughout the software development lifecycle.

Data Encryption
Data is encrypted both in-transit using TLS and at rest.

Vulnerability Disclosure Program
If you believe you’ve discovered a bug in smartIT’s security, please get in touch at Our security team promptly investigates all reported issues.

Stay Informed and Connected
We’ll keep you updated on our journey towards SOC 2 certification through regular blog posts and social media updates. 

To learn more about our SOC 2 journey, contact us!​

About smartIT

smartIT provides top-notch, hassle-free, user-friendly, one-ticket resolution, reliable, on-site and remote IT and Infosec services to New York Metro businesses, organizations, and non-profits of all sizes, ranging from startups to large enterprises. We specialize in custom IT support, cybersecurity, operations consulting, JAMF and Intune MDM, VoIP, vCIO and vCISO, cloud support & maintenance, Microsoft 365 consulting solutions, systems migration services, IT staff augmentation solutions, password management, employee on/off-boarding support, secure access service edge, security monitoring software, vendor management services, SaaS monitoring & response, firewall & antivirus deployment, disaster recovery & data backup, device management support, Google Workspace administrator, low voltage cabling & installation, dark web monitoring solutions, Zoom – Phone, Video & Room Set-up, Zero Trust Application Management, Virtual Office Set-up Solutions, RingCentral – Phone, Meeting & Room, Network Infrastructure Management, managed wired & wireless networking, phone systems & video conferencing, security incident & event management, printer management solutions, security training, phishing simulation, compliance & governance – FTC, safeguards, SOC2, and Security Operations Center – Monitoring. For more information about smartIT, please visit

share on