We are proud to announce that Treefort has attained SOC 2 Compliance!

In today’s digital world, data security is critical. One way to demonstrate as a business that you care about your customer’s data is by undergoing security framework implementation. It sounds very bureaucratic but if you Google “data breaches” you can see why customers will want businesses, especially a software as a service business, to implement this type of rigorous security process.

We chose to go with SOC 2, as it is the most recognized in North America and requires the business to implement a security framework, produce a detailed report and undergo annual audits to confirm that the business is following these security procedures. Developed by the American Institute of Certified Public Accountants (AICPA), SOC 2 spells out how organizations should protect customer data from unauthorized access, security incidents, and other vulnerabilities. Implementing a security framework is an extensive process that typically takes up to three years to complete.

In our case we were able to speed up the process by working with the University of Concordia Edmonton and hire two master’s students from the Master of Information Systems Assurance Management and Master of Information Systems and Security Management programs. What attracted us to this approach, is that these students typically have 6 to 8 years of on-the-job cybersecurity experience. In our case we were able to hire two master’s students to work with our team with extensive cybersecurity and security framework implementation experience. Given that the market is very tight to find this type of expertise and talent we were very excited to work with these students and then be able to hire after they graduated. This approach allowed us to optimize our resources and condense our SOC 2 security framework implementation and complete the process in one year.

SOC 2 implementation does not just involve your IT team, it touches everyone within your organization, as the process is designed to educate everyone in your company on cybersecurity, data security and privacy security. We believe the effort was worth it and wanted to share this company milestone with all of you as we value our customers and your trust in us!

Our SOC 2 compliance isn’t just a certificate: it’s a testament to our commitment. It’s the reason our brand stands tall, our customers trust us, and our services excel. As we proudly display those three letters—SOC 2—we know we’re not just compliant; we’re champions of data security. Let’s continue to protect, differentiate, attract, and improve. Our journey doesn’t end here; it’s just the beginning.

Kim Krushell, Co-founder