At QuantAQ, we work with customers across a variety of industries including government organizations, Fortune 100 companies, community groups/NGOs, and universities. Keeping customer and air quality sensor data secure is of paramount concern and obtaining our SOC 2 Type II attestation report shows our commitment toward security to our customers.

Often, we are asked by potential customers to perform a security audit or attest to our security protocols using their own checklists and forms. Now that we have our SOC 2 Type II report, obtaining IT and/or vendor approval can be streamlined with demonstration of QuantAQ's use of a globally recognized security control framework.

What does SOC 2 Type II mean for our customers?

SOC 2 Type II generally covers safeguarding customer data in the cloud. For most customers, this means:

• QuantAQ is committed to safeguarding customer data and information and has follows globally recognized security control frameworks
• All QuantAQ employees and contractors are in compliance with our internal safety measures and protocols
• QuantAQ uses only data storage solutions and cloud providers that meet stringent security standards themselves
• QuantAQ systems and processes are audited by independent auditors
• Streamlined risk evaluation and IT approval
• Improved trust in using QuantAQ as a vendor

How did we do it?

We partnered with Vanta, the leader in continuous compliance monitoring, to help us automate the collection of our audit evidence. Vanta provides us with the strongest security foundation to protect our customer data.

We are a small team of dedicated engineers and we were able to obtain SOC 2 Type II in large part due to Vanta's platform and automation. The audit preparation was simple as Vanta plugged into our data systems and collected evidence for us ahead of the actual audit itself. Vanta connected us with the auditor and facilitated communication throughout the audit process. In addition to completing our 2022 audit, Vanta continuously monitors all QuantAQ systems in an ongoing manner to ensure we are constantly in compliance and to help reduce the burden in future SOC 2 Type II audits.