SOC 2 Type II: Why Betterview is Holding Itself to the Highest Information Security Standards

At Betterview, we believe that being “Enterprise Grade” is not just a tag-line. Our mission is to satisfy the unique needs of P&C insurance carriers.

We understand that P&C carriers have strict information security requirements and they expect us to be proactive when it comes to safeguarding their data.

In order to ensure we are doing everything possible to keep our customer data safe and secure, Betterview has been working hard behind the scenes for the last two years.

Today we’re happy to announce that all of that hard work has come to fruition by announcing we have received our SOC 2 Type II attestation without any exemptions.

What are SOC 2 Type I and SOC 2 Type II Attestations?
SOC 2 Type I and SOC 2 Type II attestations were developed by the AICPA and require companies to establish and adhere to strict information security policies and procedures for their cloud-based solutions.

• SOC 2 Type I attestation: An audit has been performed by an independent CPA firm to prove that an organization has a documented set of processes and controls in place.
• SOC 2 Type II attestation: A second audit is performed by an independent CPA firm and it must conclude that the controls in place are not only suitably designed but are operating effectively over a 6 to 12 month time period.

Why is the SOC 2 Type II Important to P&C Insurers?
Headline risk and data security is always a cause of concern for P&C carriers when working with cloud-based solution providers.

This year alone, Macy’s, Uber, Slack, and many others suffered data breaches, which were caused by third parties.

A SOC 2 Type II attestation is considered the gold standard when it comes to data security, and more importantly, proves that Betterview’s property risk management platform was designed to keep sensitive P&C carrier data safe and secure.

To obtain a SOC 2 Type II attestation, Betterview first had to obtain its SOC 2 Type I attestation in 2018 and prove it had a documented set of processes and controls in place.

After receiving our SOC 2 Type 1 attestation, Betterview was then audited for an 8 month period in 2019 by Mayer Hoffman McCann P.C. (MHM), a top ten accounting firm, which evaluated and tested Betterview’s internal operational controls relative to the AICPA’s SOC 2 Security attestation requirements.

After completing its audit, MHM concluded that Betterview demonstrated a commitment to security by following AICPA’s rigorous set of security control procedures.

Leading the Pack in Security
Over the past year as our customer base has grown, companies such as Nationwide Insurance, Conifer Insurance, EMC Insurance, and Frederick Mutual can feel better knowing Betterview has proactively answered vital questions around cloud security, as well as addressed the safety of their customers’ information.

David Lyman, CEO & Co-Founder, Betterview recently addressed the impact of Betterview successfully passing its SOC 2 Type I and SOC Type II exams by saying:

“We felt that the best way to be able to prove that Betterview meets the stringent security requirements of our customers was through SOC 2. It was a significant investment of effort and money over two years to get where we are today, but it is critical given that insurance carriers can only work with vendors that can prove they are secure. It also represents a way for Betterview to stand out from the pack. We do not see our competitors or other InsurTech startups investing in security like we are.”

“In addition, to providing P&C carriers with peace of mind, our SOC 2 Type II attestation can help insurers to adopt and implement our AI technology much quicker now by answering vital questions around cloud security and the safety of their customers’ information,” added Dave Tobias, COO & Co-Founder, Betterview.

Betterview invites customers, partners, and prospects to request Betterview’s SOC 2 attestation report under NDA by contacting email.