CalAmp’s Director of Product and Information Security Reza Salari knows compliance and security are of paramount importance. As an industry leader in IoT and telematics, the company manages its own sensitive data, and is a custodian of their customers' data. With this in mind, Salari partnered with ScaleSec to prepare for the SOC 2 process.
CalAmp is a provider of IoT software applications, cloud services, data intelligence and networked telematics products and services. CalAmp’s AWS-based platform “PULS-CTC” has achieved SOC 2 Type I. Auditors examined the CalAmp telematics management platform, an environment that provides customers access to extensive intelligence and edge computing from their high-value mobile assets, cargo and infrastructure.
Multiple industries, such as automotive and trucking, construction, consumer goods, public safety, government, energy and insurance, are leveraging CalAmp’s flexible solutions to discover new ways to improve safety, increase productivity and reduce costs. This SOC 2 report will provide assurance that controls that protect these systems and data meet organizational security, transactions, and confidentiality of data as defined by the American Institute of Certified Public Accountants (AICPA). Further, it allows CalAmp to establish trust with consumers of their platform, reduce the time and cost of due diligence, and ultimately reduce the sales cycle time.
With multiple SaaS platforms and service offerings in the cloud, a “one size fits all” approach was not ideal for CalAmp’s SOC 2 efforts. Policies and procedures had to conform to strict standards but also support a rapidly-evolving company and industry. ScaleSec used their expertise in cloud-native services, cyber security, and development to help CalAmp build a cloud security and compliance program, with a set of security controls that provide true compliance and security without sacrificing agility.
Demonstrating strong security is important to earn the trust of our customers, and is critical to the business itself," said Salari. “ScaleSec’s reputation in the security and compliance space and their expertise in AWS cloud technology made them the perfect fit to help us prepare for audit.
/,br />ScaleSec took a holistic view of CalAmp’s processes and controls to create a program that reflects reality. They came to understand our business as well as we did, and helped us reach a level of security we are truly proud of,” Salari said. “They’re as much a part of our InfoSec team as anyone at CalAmp. Reza Salari Director of Product and Information Security
Results / Impact / Highlights
Beyond technological aspects, the team introduced programs including risk management, employee development, vendor management, and regulatory monitoring capabilities. ScaleSec worked directly with the CalAmp team to design, document the system, demonstrating each control and preparing the team for audit.