Emi’s Commitment to Security: Our SOC 2 Type II Report
At Emi, we don’t see security as a feature of our recruitment automation platform—we see it as the foundation. Security isn’t an afterthought or something merely bolted on at the end of our software development process—it’s part of our fundamental design philosophy.
Unfortunately, personal information has long been an attractive target for hackers and cybercriminals due to fraud and other actions they can carry out with it. And while organizations are mindful of the importance of protecting employee data like salary and benefits information, protecting job applicants’ personal information during the recruiting process is just as critical.
That’s why we’re happy to announce that Emi has received our SOC 2 Type II report.
Importance of data security in recruiting
Protecting candidate data is vital to any high-volume hiring strategy. When you're processing thousands of job applications—all of which contain sensitive personal information—data security must be at the top of your list. Data breaches can become costly for companies, costing them not only money but also time and their reputation.
But security goes far beyond protocols like two-factor authentication and access controls. And it also goes beyond how you manage data internally. It’s crucial to ensure your data is in safe hands with any HR technology you’re considering adopting. And any third-party technology used by your organization that collects or stores personal data should be audited.
So, how can you evaluate the security posture of third-party technologies you use in the recruiting process? By looking for SOC 2 Type II compliance.
What is SOC 2 Type II?
SOC, short for “Service and Organization Controls,” is a set of standards created by the American Institute of Certified Public Accountants (AICPA) to assess how effectively an organization protects the data it collects and stores. The SOC 2 Type II report is an audit that examines the internal controls and processes a cloud-based technology provider has implemented to safeguard customer data—and how effective those controls are over time.
Security is a top priority at Emi, and we know it is for your business too. Obtaining our SOC 2 Type II report is essential to demonstrating we take information security seriously and your data is safe with Emi. Earning your trust is important to us, and we want you to feel secure in our handling of your candidates’ personal information.
What’s included in our report
Thanks to our cybersecurity and compliance partner, Insight Assurance—who worked closely with us throughout the entire SOC 2 Type II auditing process—we are proud to share that we’ve obtained our SOC 2 Type II report. This is an exciting milestone for Emi and our customers, as the successful completion of this audit offers independent validation that the data our recruitment automation platform collects and processes is safe, secure, and available only to authorized users.
Our security policies and controls were evaluated during the audit to ensure they adhere to SOC’s stringent security standards. The audit covered our:
- Risk management and vendor due diligence
- IT infrastructure
- Software development life cycle
- Change management
- Logical and network security
- Physical & environmental security
- Computer operations
- Identity lifecycle management
Emi’s continued commitment to security
We are excited about what this achievement means for Emi and our customers, but we also recognize that data security and privacy is an ongoing effort. Emi continues to comply with the highest security standards to stay ahead of new and emerging security threats. In addition to obtaining our SOC 2 Type II report, we continually invest in security, improving practices, protocols, and tooling.
As the frontline recruitment automation platform that helps companies fill high-volume roles fast, companies count on us to deliver a seamless candidate experience—without sacrificing security. It’s why the world’s largest brands—like Walmart, 7-Eleven, Burger King, and Danone—trust Emi to screen thousands of applications, streamline the interviewing process, and personalize every interaction for a quality candidate experience. We know our customers entrust us with valuable data throughout the entire talent acquisition lifecycle—and we take their protection very seriously.