SOC 2 Type II
Mastermind is proud to have completed a Type II System and Organization Control (SOC) 2 examination against the Security criteria.
The SOC 2 Type II examination is performed by an independent third-party and tests controls against Trust Services Criteria (TSC) as defined by the American Institute of Certified Public Accountants (AICPA). The examination was performed by Schellman & Company, LLC and a report with no exceptions was issued.
Data Security
automotiveMastermind.com and its customer’s data is hosted through a Multi-Cloud Environment. Multi-layered security provided by PaaS across all physical Data Centers, infrastructure, and operations ensures constant threat protection.
All data moved within Mastermind is in a private and protected environment. All data is encrypted both in transit and at rest which ensures all customer data is secure. Any stored data on-site is securely stored within protected facilities that include security guards, camera surveillance and cloud redundancy in case of a catastrophic event.
Mastermind utilizes role-based permissions controlled within all environments. This adheres to both PII (Personally Identifiable Information) laws and limits the scope of employee access, following the principle of least privilege.
Policies and Procedures
When disposing of any asset, sensitive data is removed prior to disposal. Based on industry standards, data destruction protocols are used for proper erasure according to type. Minimally, data will be removed using low level formatting and degaussing techniques
All internal systems are protected through strict security policies including multi-factor authentication and condition-based access requirements.
Mastermind commits to undergo the SOC 2 Type II examination on an annual basis to ensure security controls continue to be independently evaluated.