Opower achieves SOC 2 data security certification


Dan Yates,
CEO, Opower
Arlington, VA, U.S.A. — (METERING.COM) — January 21, 2013 – Customer engagement solutions provider Opower has completed a Service Organization Controls (SOC) 2 Type 2 examination related to the data security and confidentiality principles of the American Institute of Certified Public Accountants (AICPA) Trust Services Principles (TSPs).

The examination, conducted by Deloitte &Touche LLP, covered the design and effectiveness of Opower’s data security controls over the Opower 4 customer engagement platform.  

“As part of Opower’s founding principles to protect confidentiality, we have invested heavily in data integrity, confidentiality and security,” said Dan Yates, the company’s founder and CEO. “Reaching this prestigious recognition illustrates the success and nature of our commitment.”

To achieve certification required that the data security controls were suitably designed and operating effectively over a period of time to meet the criteria for the security and confidentiality principles set forth in TSP section 100 (Trust Services Principles, Criteria, and Illustrations for Security, Availability, Processing Integrity, Confidentiality, and Privacy (AICPA, Technical Practice Aids).

Opower, the first in this industry to obtain this certification, is currently working with 80 utilities with more than 15 million customers.

The company’s security practices are built on the US National Institute of Standards and Technology (NIST) risk management framework. SOC 2 is the next step in these security efforts.