Cybersecurity: iWave Takes Privacy and Security to the Next Level with SOC 2 Type 2 Compliance

Privacy and security are top of mind for iWave and the nonprofit organizations we work with. In the past, a security breach was viewed as something that could only happen to big companies such as Microsoft or Google. With the ever-changing online landscape, and more and more people working from home or in hybrid models, this is no longer the reality. The average number of breaches recorded in the U.S. from 2013-2016 was 821, from 2017-2020 it was 1340, marking an increase of 63%.

This increase affected more than just technology giants, smaller companies are being breached as well. This is mainly because smaller companies lack more sophisticated security safeguards compared to larger companies, making them a much easier target. It’s now estimated that 68% of all breaches annually target small businesses.

Proactively Protecting our Clients

In recent years, some of our nonprofit clients were even impacted directly when their long-term partners were hit with a significant breach. Having a breach in your own backyard can bring this reality to life and create teams to look within at their own security procedures and requirements. Security expectations and increased due diligence on the part of nonprofits have also led companies like iWave to step up their protocols from a security and privacy standpoint.

iWave has met the requirements of SOC (System and Organization Controls) to receive the SOC 2 Type II certification. This certification is recognized as an industry standard and provides our clients with reassurance that their data is safe and secure with iWave and also reaffirmed iWaves commitment to security and privacy as an organization.

The SOC 2 audit was completed by TrustNet (, a leading provider of CyberSecurity and Attestation services. “We are pleased to partner with iWave and provide professional services for this SOC 2 engagement,” commented Trevor Horwitz, CEO at TrustNet. “The SOC 2 attestation forms a critical complement of third-party validation for organizations becoming increasingly reliant on their service providers. These standards ensure transparency to customers, employees, and vendors, helping strengthen their trust in iWave.”

Related: iWave’s Commitment to Privacy and Security

SOC 2 Break Down

SOC 2 reports are examination engagements undertaken by a service auditor to report on the service organization’s operational controls to meet the selected Trust Services Criteria. The services can only be delivered by a licensed firm such as TrustNet. Essentially, SOC 2 certification is issued by outside auditors who assess the compliance of a vendor with one or more of the five trust principles based on their systems and processes.

SOC 2 Type II certification is a report on the service organizations description of controls and the suitability of the design and operating effectiveness of the controls to achieve the related control objectives over a specified period of time

While SOC 2 compliance isn’t required for SaaS and cloud computing providers, its role in securing data should not be ignored. At iWave, we are committed to safeguarding our clients and their data. We understand the enormity of this task and the duty we have to provide industry-leading privacy and security capabilities. We have continued and will continue to make privacy and security an ongoing priority for our clients.

Related: Cyber Security: iWave has Your Back

Stay Up-to-date on Fundraising News and Resources

Want a Free Demonstration of iWave’s Fundraising Intelligence Platform?

Request a Demo