Compliance and data security

SOC 2 Type II certified.

Trustate has successfully completed Type 2 Service Organization Control 2 (SOC 2 Type II) examinations, receiving certification from an independent auditor. This certification confirms our commitment to stringent information security policies and procedures.

What is SOC 2 Type II?

Independent Audit

The Type II report, which Trustate has successfully obtained, involves a rigorous and detailed examination by an independent auditor over an extended period. This means the auditor assesses not only the adequacy of our system design but also the operational effectiveness of those systems consistently over time.

Commitment to Compliance

What sets the SOC 2 Type II apart is its requirement for ongoing compliance, rather than just a snapshot of compliance at a single point in time. It requires regular follow-up audits to ensure continued adherence to these high standards.

For Cloud-based Storage

SOC 2 Type II is specifically designed for service providers storing customer data in the cloud, making it particularly relevant in today’s digital age. This standard uses criteria known as Trust Services Criteria—security, availability, processing integrity, confidentiality, and privacy.

Actively Monitored Security

Receiving this certification means Trustate's security measures and controls have been thoroughly vetted and are actively monitored and updated to address emerging threats and vulnerabilities.
This continuous improvement mindset helps provide peace of mind to our customers, knowing that their data is protected by a system that meets rigorous, industry-recognized standards.

Data Protection & Encryption

Data At Rest

Trustate uses the Advanced Encryption Standard (AES) with 256-bit encryption for all stored data, employing the same robust security measures as U.S. financial institutions.

Data Stored In the Cloud

Trustate’s platform stores your documents in ISO 27018-certified data centers, which adhere to stringent controls and guidelines for protecting Personally Identifiable Information (PII) in the cloud. This certification confirms that our systems have been independently verified for data security.

Data In Motion

Trustate secures data transfers with the Transport Layer Security (TLS) 1.2 encryption protocol. This cryptographic protocol ensures the secure transmission of data over the internet and authenticates our website’s identity.

Data Ownership

Your trust in Trustate to protect your personal information is something we deeply value. We commit never to share, sell, or transfer your data without your explicit consent, except as explicitly outlined in our privacy policy. Please visit ourPrivacy Policy to learn more.

Frequently Asked Questions

Does Trustate require Multi-Factor Authentication (MFA)?

Yes. Trustate requires Multi-Factor Authentication (MFA) for all user accounts (including for your underlying clients) to enhance security further. This protocol helps prevent unauthorized access by requiring multiple forms of verification.

How secure is the software platform?

Our software is built on the best in class platforms with the highest security standards in place. In addition to our secure platform, we have implemented a 3-step verification process to ensure the security of the data.

Can I share my account with a colleague?

To safeguard against unauthorized access, we do not allow user account sharing under any circumstances.

What if I suspect a security issue?

Only with your permission and direction. If you would like all estate administration communication to go through you, that is perfectly fine. If you prefer we reach out to the client directly, that works too. The choice is yours!