Cyber Security Data Protection Business Privacy concept.
CommercialLatest NewsMRO

Swiss AviationSoftware Achieves SOC 1 and SOC 2 Compliance

  • Swiss-AS has achieved SOC 1 and SOC 2 compliance
  • Our rigorous security controls safeguard systems and customer data
  • Continuous improvement ensures Swiss-AS remains a trusted software partner

Addressing the Growing Threat of Cyber-Attacks in the Aviation Industry

In an era where cyber threats are increasingly sophisticated and prevalent, the aviation industry stands at the forefront of these challenges. The European Air Traffic Management Computer Emergency Response Team (EATM-CERT) has consistently reported a surge in cyber-attacks throughout 2023, with ransomware extortion being a significant threat. Swiss Aviation Software (Swiss-AS) has recognised the need to strengthen its security measures and is proud of having achieved SOC 1 and SOC 2 compliance. This demonstrates our commitment to protecting our systems and customer data.

Understanding SOC 1 and SOC 2 Compliance: What It Means for Data Security

SOC 1 and SOC 2 compliance represent rigorous standards for managing and securing data. SOC 1 focuses on controls relevant to financial reporting, ensuring that data handling processes are secure and reliable. SOC 2, on the other hand, addresses controls related to security and availability. Obtaining these certifications underlines our commitment to transparency and trust and gives our customers confidence in our solid security position.
Building on our foundation of security excellence, Swiss-AS has already maintained ISO/IEC 27001 certification for over three years. Our successful re-certification in December 2023 attests to our ongoing commitment to high standards. Achieving SOC 1 and SOC 2 compliance further enhances our security measures, offering customers a secure and reliable environment, particularly with our AMOS Hosting services.

“Swiss-AS’ successful achievement of SOC 1 and SOC 2 compliance is a testament to our commitment to security, transparency and customer trust. By continuously improving our security measures and conducting rigorous independent examinations, we provide a secure and reliable environment for all our customers. This strategic initiative not only strengthens our security posture, but also ensures that Swiss-AS remains a trusted partner in the aviation software industry.”, says Jean-Philippe Schad, Information Security Officer at Swiss-AS.

A Strategic Approach to Continuous Security Improvement

Security is a continuous commitment, akin to the ongoing maintenance required for aircraft safety. With our successful completion of the Type 1 SOC 1 and SOC 2 examinations in 2024, we have laid the groundwork for annual Type 2 SOC 1 and SOC 2 examinations from 2025 onwards. This strategic approach ensures we continually meet and exceed security standards, reinforcing trust and transparency with our customers.

Swiss-AS’s dedication to achieving SOC 1 and SOC 2 compliance involves comprehensive evaluations of our security controls and processes. These independent examinations will validate our systems, providing customers with peace of mind that their data is protected. By simplifying risk management processes, we aim to address customer concerns directly and effectively.

Benefits for Customers

  • Enhanced Security and Trust: Customers can rest assured that Swiss-AS is committed to maintaining the highest security standards, reducing the risk of data breaches and cyber threats.
  • Transparent Risk Management: The SOC 1 and SOC 2 examinations provide clear, independent verification of our security controls, making it easier for customers to assess and trust our risk management practices.
  • Compliance and Assurance: Achieving these certifications demonstrates our dedication to compliance, aligning with industry best practices and regulatory requirements, thereby offering customers added assurance.
  • Confidence in Cloud Services: With our robust security measures, customers can confidently utilize AMOS operations and AMOS Hosting services, knowing their data is secure, even in a cloud environment.