Ascend announces SOC 2 Type II Certification

Ascend is a SOC 2 Type II certified platform. And we’re proud of our ongoing effort to maintain this certification.

Often, SOC 2 Type II certification is misunderstood as a one-time checkbox.  In reality, the AICPA requires these audits to be conducted annually by an independent third party. That requirement exists for a reason: security risks evolve, and recurring audits are designed to uncover new vulnerabilities as the threat landscape changes.

When evaluating technology vendors and legacy tools, organizations should take a close look at their SOC 2 status. Just because a vendor was once SOC 2 certified, this does not mean they hold a current certification. Organizations can do their due diligence by requesting a current SOC 2 Type II report, confirming it was completed by an independent audit firm, and verifying that the report is less than one year old.‍

Recent security breaches in the nonprofit SMS space serve as a clear reminder of what’s at stake.

Regular audits can surface weaknesses early, before they escalate into serious incidents that compromise supporter data or erode your organization’s trust.

For SMS vendors maintaining a SOC 2 Type II certification, you can often access their third party security audit directly from their public trust center.

You can view Ascend’s here.

For nonprofits, political campaigns, and unions that depend on a vendor for broadcast SMS and Instagram messaging, SOC 2 Type II certification should be viewed as a requirement, not a “nice-to-have.”

Want to learn more about Ascend’s approach to security? Schedule a demo!