Security and compliance are the backbone of our business.
Engiven Inc. has successfully completed the AICPA Service Organization Control (SOC) 2 Type I audit. The SOC 2 Type 1 audit confirms that Engiven Inc.’s information security practices, policies, procedures, and operations meet the SOC 2 standards for security and establishes Engiven as the first cryptocurrency donation platform to demonstrate this level of security compliance.
Providing our clients and their donors with a trusted, safe, and secure platform to resource vital projects and missions via donations of cryptocurrency is critical to our focus as a company dedicated to crypto-enabling philanthropy. SOC 2 reviews are now a best-practice and an industry standard for demonstrating security compliance in the technology and financial industries.
Engiven’s SOC 2 Type 1 audit was conducted by Prescient Assurance, a leader in security and compliance attestation for B2B, SAAS companies worldwide. Prescient Assurance is a registered public accounting firm in the US and Canada and provides risk management and assurance services which includes but is not limited to SOC 2, PCI, ISO, NIST, GDPR, CCPA, HIPAA, and CSA STAR.
With the Type 1 audit complete, Engiven is committed to next obtaining a Type 2 audit. SOC 2 Type 2 assesses how effective an organization's security controls are over time.
All Engiven accounts provide the user with the option to utilize multi-factor authentication, or ‘MFA’ for short. MFA is a tool to protect user data from being viewed or accessed by an unauthorized person. MFA does this by requiring more than a single password for account login, allowing the Engiven user to designate a trusted third-party authenticator app that is required, along with the account password, in order to access the user account.
Engiven’s exchange service partner, Gemini, utilizes Chainalysis, a blockchain transaction monitoring and analytics service. Chainalysis creates alerts on transfer activity with exposure to certain, pre-defined risky wallet addresses. Exposure may be identified in either a direct transfer or indirect exposure resulting from previous transfer activity. These alerts can be created in a variety of ways, however the typical alert is based on a single transfer event, the level of risk of the wallet address and the amount of funds involved.
Engiven maintains Professional Liability, Cyber, and E&O insurance coverages. Additionally, each of our client's Gemini accounts are covered by insurance maintained by Gemini against certain types of crypto losses from their exchange account and from Gemini Custody®. To learn more about Gemini's insurance, please visit here. Details on Engiven’s insurance can be provided to prospective clients upon request.