Key Customer Facts
- - Location: Irvine, CA
- - Size: 840 employees
- - Industry: Telematics
- - Use case: SOC 2 compliance and security
- - Website: https://www.calamp.com/
- CalAmp’s Director of Product and Information Security Reza Salari knows compliance and security are of paramount importance. As an industry leader in IoT and telematics, the company manages its own sensitive data, and is a custodian of their customers’ data. With this in mind, Salari partnered with ScaleSec to prepare for the SOC 2 process.
CalAmp is a provider of IoT software applications, cloud services, data intelligence and networked telematics products and services. CalAmp’s AWS-based platform “PULS-CTC” has achieved SOC 2 Type I. Auditors examined the CalAmp telematics management platform, an environment that provides customers access to extensive intelligence and edge computing from their high-value mobile assets, cargo and infrastructure.
Multiple industries, such as automotive and trucking, construction, consumer goods, public safety, government, energy and insurance, are leveraging CalAmp’s flexible solutions to discover new ways to improve safety, increase productivity and reduce costs. This SOC 2 report will provide assurance that controls that protect these systems and data meet organizational security, transactions, and confidentiality of data as defined by the American Institute of Certified Public Accountants (AICPA). Further, it allows CalAmp to establish trust with consumers of their platform, reduce the time and cost of due diligence, and ultimately reduce the sales cycle time.
With multiple SaaS platforms and service offerings in the cloud, a “one size fits all” approach was not ideal for CalAmp’s SOC 2 efforts. Policies and procedures had to conform to strict standards but also support a rapidly-evolving company and industry. ScaleSec used their expertise in cloud-native services, cyber security, and development to help CalAmp build a cloud security and compliance program, with a set of security controls that provide true compliance and security without sacrificing agility.
Results / Impact / Highlights
Beyond technological aspects, the team introduced programs including risk management, employee development, vendor management, and regulatory monitoring capabilities. ScaleSec worked directly with the CalAmp team to design, document the system, demonstrating each control and preparing the team for audit.