WHITE PAPER
Driving the Future of Connected Cars with MQTT →

EMQ Achieves SOC 2 Type I Compliance Certification for Its MQTT Services System

Aug 22, 2023

EMQ Achieves SOC 2 Type I Compliance Certification for Its MQTT Services System

Morgan Hill, CA, August 16, 2023EMQ, developer of the world’s leading open-source MQTT messaging platform, EMQX, announced today that it had achieved System and Organization Controls (SOC) 2 Type I compliance. This certification underscores EMQ’s commitment to a robust data security management system for both EMQX Cloud and EMQX Enterprise services, and reinforces its dedication to its global clientele.

SOC2 certification demonstrates EMQ’s attainment of the rigorous security, availability, processing integrity, confidentiality, and privacy standards the American Institute of Certified Public Accountants (AIPCA) has set. One of the Big Four international accounting firms on August 04, 2023, performed EMQ’s SOC 2 audit, underlining EMQ’s industry status in providing enterprise-level security for customer data and distinguishing EMQ as a leader in IoT cybersecurity standards and data protection.

In addition, EMQ has passed multiple domestic and international information security-related certifications, such as CMMI Level 3, ISO 20000, and ISO 27001, etc. Obtaining the SOC 2 Type I Certification Report is another important milestone on the road to protecting user data security, reflecting the goal and determination to build a high-standard security system.

EMQ primarily offers two MQTT messaging service products: the SaaS-oriented EMQX Cloud service and the package-centric EMQX Enterprise service. Both cater to extensive IoT message distribution, connectivity, processing, integration, and analytics. Serving over 20,000 users across 50+ countries and connecting in excess of 100 million global IoT devices, EMQ empowers businesses with digital, real-time, and intelligent transformation solutions. Given its expertise, EMQ is rapidly emerging as the go-to solution for developers and DevOps teams looking to streamline their IoT integrations, enhance data connectivity, and achieve optimal performance in distributed messaging environments.

With EMQ’s secure and reliable professional products and services, it has accessed the world’s mainstream public cloud services and successfully helped HPE, Ericsson, Volkswagen, GM, Johnson Controls, TSMC, FOXCONN, Verifone, and many more, to build IoT platforms and applications. In the future, EMQ will continue adhering to the highest standards of information security for its products and services, guarding the security of customers’ data in the cloud.

“Securing the SOC 2 Type I certification marks a pivotal achievement for EMQ. We are unwavering in our commitment to earn our customers' trust, ensuring the utmost security of their data. This certification is a testament to our rigorous security controls, from global compliance to privacy protection. Understanding the criticality of data security, especially in the realm of IoT services, we constantly strive to surpass conventional standards. Trust stands at the heart of EMQ’s values. With this certification, not only are our efforts validated, but it also positions us as a frontrunner in offering our customers unparalled assurance.”

– EMQ CEO, Dylan Kennedy

In addition to the SOC 2 Type I validation, EMQ is also in the process of obtaining SOC 2 Type II, GDPR, and TISAX compliances.

For more compliance information about EMQ, please visit Security & Trust Center.

About SOC 2

The SOC 2 Report (System and Organization Controls 2 Report) is a third-party independent report developed by the American Institute of Certified Public Accountants (AICPA) for auditing a service provider's services and internal controls based on the Trusted Service Criteria. It is a detailed report with a high degree of objectivity, continuity, and acceptance as globally recognized security audit standard. The SOC 2 report has become an important reference for domestic and international enterprises when choosing a third-party cloud service provider. Achieving compliance ensures that EMQ has robust controls in place to protect its systems and data. With its SOC 2 compliance, EMQ provides customers with the confidence that their data is continually protected by EMQ’s platform.