Raising the Bar for UAS Operational Security and Compliance


Aloft Has Passed a SOC2 Type II Audit

Aloft was founded on the principle that operators should have control over their drone data. As we grew our business and went on to support thousands of enterprise customers, we routinely underwent reviews, tests, and examination of our platform’s security and reliability. After successfully passing hundreds of those tests, we earned a strong reputation for our compliance controls and high-security standards. 

Today we’re announcing that Aloft now has more support and evidence of that reputation as we have passed a SOC 2 Type II audit. This means that when it comes to how we protect data, we do what we say we do and you don’t have to take our word for it.  

In the spirit of this achievement and in keeping with the evidentiary approach to how we engage with customers (especially when it comes to security), we’ve asked Joanna Martucci, Senior Manager, Risk Assurance & Advisory Services from Armanino LLP the firm that performed the audit and authored the report to explain more about SOC 2 Type II:

What is a SOC 2 Type II audit?

"A SOC 2, Type II report is an attestation report that tests the compliance and effectiveness of an organization’s internal controls over a period of time, as outlined by the AICPA’s Trust Services Criteria. Companies seeking SOC 2 compliance can identify which of the Trust Services Categories are applicable to the services that they provide to customers, which will identify specific criteria that must be addressed through policies, procedures, and internal controls."

Why is being SOC2 Type II certified important? 

"A SOC 2, Type II certification is important because it provides certain assurances to Aloft customers that Aloft has well designed and operational procedures in place to ensure the security of their information, including customer’s data. SOC 2, Type II compliance demonstrates Aloft’s ability to securely manage customer data and protect the interests of organizations who utilize their services."

Joanna Martucci

Senior Manager
Risk Assurance & Advisory Services
Armanino LLP

Security comes in many forms. While network security is obviously a critical factor, SOC 2 also looks at factors like disaster recovery and disaster readiness. When COVID-19 struck and everyone began to shelter in place, Aloft was ready with a disaster preparedness plan. Key teams referenced our plans, and we were able to seamlessly keep serving our enterprise customers and maintain the same levels of availability and service that distinguishes Aloft as an enterprise product.

We’re Not Stopping There

Aloft is continuing to institute new security elements, such as ongoing penetration tests, as we aim to deliver the industry-leading platform for security and privacy. By giving your aviation program a singular platform to manage your team, your fleet, and your airspace, we’re helping to deliver not only on security but also compliance. Without the need to think about integrations and all the various apps (and therefore multiple privacy policies and security concerns) your team needed to use previously, the opportunity to secure your operations has never been greater. 

To request a copy of our report, visit www.aloft.ai/security/ or email infosec@aloft.ai.