Founded in 2023
AstranovaLabs recognises that the confidentiality, integrity and availability of information and data created, maintained and hosted by us are vital to the success of the business and privacy of our partners.
As a service provider/product, we understand the importance in providing clear information about our security practices, tools, resources and responsibilities within AstranovaLabs so that our customers can feel confident in choosing us as a trusted provider.
This Security Posture highlights high-level details about our steps to identify and mitigate risks, implement best practices, and continuously develop ways to improve.
Founded in 2023
Updates (1)
Read the most recent and major updates about AstranovaLabs’s security program.
SOC2 In-Progress
Dec 5, 2024
We are thrilled to share an exciting update on Astranova Labs' journey towards ensuring world-class standards in information security and operational excellence. Following the successful completion of our ISO 27001 certification, we are now actively working on achieving SOC 2 certification to further strengthen our commitment to security, trust, and compliance.
Key Milestones Achieved in ISO 27001
Our ISO 27001 certification reflects our comprehensive approach to managing and securing information assets. The achievement validates that our Information Security Management System (ISMS) meets the globally recognized standard, ensuring:
Robust data protection practices. Systematic identification and mitigation of security risks. Streamlined processes for security incident management. This accomplishment not only safeguards our internal operations but also underscores our dedication to protecting client data and maintaining their trust.
Progress on SOC 2 Certification
As we transition to SOC 2 compliance, our focus is on demonstrating adherence to the Trust Services Criteria:
Security: Ensuring systems are protected against unauthorized access. Availability: Ensuring system uptime aligns with our commitments. Confidentiality: Safeguarding sensitive information during its lifecycle. Processing Integrity: Verifying that systems operate as intended without unauthorized modifications. Privacy: Adhering to data collection and usage practices aligned with privacy requirements.
Steps We Are Taking: Gap Assessment: We have completed an initial gap analysis to identify and prioritize controls needed for SOC 2 readiness. Policies & Procedures Alignment: Policies established for ISO 27001 are being tailored to align with SOC 2 requirements, ensuring a seamless transition. Technology Enhancements: Enhancing monitoring, logging, and incident response systems to meet SOC 2's rigorous standards. Employee Training: Conducting focused workshops to ensure all employees understand and adhere to SOC 2 expectations. Engaging Auditors: Partnering with an independent auditing firm to validate our compliance during the Type I and Type II audit stages.
Why This Matters to You Achieving SOC 2 certification will:
Enhance confidence in our ability to protect your data. Demonstrate our compliance with the highest industry standards. Solidify our position as a trusted provider of secure, scalable, and compliant solutions. Timeline We aim to complete our SOC 2 Type I audit by Q1 2025, followed by the Type II audit by Q1 2025, ensuring ongoing operational excellence.
