IRIS Strategic Marketing operates under established data security protocols to ensure all client information remains secure and protected.
“Data security is an essential part of our operations. By keeping our SOC 2 Type II certification current, we ensure our entire platform meets the highest industry standards for security and confidentiality, giving our customers absolute peace of mind. Beyond these framework standards, our platform is fully GDPR compliant to meet global expectations for user data security and access,” shares Paul Kotz, president of IRIS Strategic Marketing Support.
What is SOC 2 Certification?
Service Organization Control 2 (SOC 2) is an industry compliance standard developed by the American Institute of Certified Public Accountants (AICPA). It establishes strict criteria for managing and securing customer data stored in the cloud.
An independent audit verifies that systems meet five core Trust Services Criteria:
- Security: Protection against unauthorized access, unauthorized disclosure or system damage.
- Availability: Ensuring systems and information are operationally available when needed.
- Processing Integrity: Verifying that system processing is complete, valid, accurate, timely and authorized.
- Confidentiality: Restricting access to data designated as confidential.
- Privacy: Protecting personal information in accordance with standard privacy principles.
How SOC 2 Compliance Verifies Our Systems
The SOC 2 audit process evaluates the technical and operational controls used to secure data. Maintaining this compliance does more than prove these safeguards exist; it confirms that our data defenses are proactively positioned and consistently executed whenever situations arise. This process provides objective verification across four critical areas:
- Infrastructure and Data Protection: The audit verifies the active deployment of technical safeguards, including network firewalls, encryption of data at rest and in transit, and multi-factor authentication. These controls block unauthorized access and prevent data exposure.
- Independent Operational Verification: Compliance requires annual, third-party examination of our internal workflows. This independent oversight ensures that IRIS security policies are actively practiced and that system controls operate effectively over time.
- Vulnerability and Incident Management: Our systems undergo regular threat assessments and vulnerability scanning. This technical oversight allows for the proactive identification of any potential system weaknesses and ensures established protocols are in place to isolate and mitigate potential security incidents.
- Regulatory and Industry Alignment: The SOC 2 framework aligns data-handling controls with standard privacy and security regulations, including GDPR and HIPAA. This documentation satisfies the formal vendor compliance and risk-assessment requirements of clients operating in highly regulated sectors, verifying that our vendor management software features meet strict enterprise standards.
Practical Impact: Operational Risks vs. SOC 2 Mitigations

Protecting client trust is built into our organizational DNA. We apply and maintain dozens of policies to keep IRIS at the highest level of platform security and integrity. This approach goes far beyond our GearBox platform to touch every aspect of our internal working methodology, validating our commitment to continuous improvement and secure digital marketing.
Compliance and Onboarding Documentation
For current IRIS clients conducting annual vendor reviews, as well as prospective partners completing technical due diligence, we invite you to request our latest SOC 2 Type II compliance documentation.



