Press release

Plurilock Achieves SOC 2® Compliance for Demonstrating Effective Security Controls

Enterprise customers increasingly requiring vendors to maintain SOC Type II to demonstrate compliance, data privacy

VANCOUVER, BRITISH COLUMBIA—Plurilock Security Inc. (TSXV: PLUR) (OTCQB: PLCKF) and related subsidiaries (“Plurilock” or the “Company”), an identity-centric cybersecurity solutions provider for workforces, has completed a SOC 2® assessment, successfully demonstrating the organization has effective controls in place for its cybersecurity solutions, business operations procedures, and technical infrastructure.

Standards for SOC Type II are set by the American Institute of Certified Public Accountants (AICPA), a member association representing the accounting profession.1 SOC Type II compliance is demonstrated following the completion of an examination that focuses on five trust service principles of security, including confidentiality, security, availability, processing integrity, and the privacy of customer data.2

The Company received the results of the SOC Type II report following an assessment period conducted by security and compliance firm BARR Advisory, P.A., from June 1, 2021 to August 31, 2021.

SOC Type II is a standard with widespread adoption within the larger business community and financial vertical, resulting in increased credibility for solution providers that receive the certification.

During the assessment period, the firm reviewed access controls to Plurilock’s systems, including its ADAPT and DEFEND continuous authentication products, as well as the operating effectiveness of its infrastructure and internal and external controls. By meeting the SOC Type II compliance standard, the Company has demonstrated that there are controls and policies in place that mitigate risk as well as provide business continuity and customer assurance that systems and data will be protected.

In addition, SOC Type II compliance validates Plurilock’s role as a reliable and trusted third-party vendor for enterprise organizations within government, finance, healthcare, and education verticals, at a time where recent statistics show that 51% of organizations have experienced a data breach caused by a third-party.3 Further, the Company has committed to only working with third-party vendors that also maintain SOC Type II compliance or equivalent controls. Plurilock utilizes Amazon Web Services, further reducing risk by benefiting from their strong infrastructure controls.

“It is paramount to maintain our clients’ trust and demonstrating our SOC Type II compliance with this report affirms that their data and key resources are secured without compromising business continuity,” said Ian L. Paterson, CEO of Plurilock. “This assessment is part of our ongoing efforts to provide top-notch cybersecurity continuous authentication solutions that are credible and well-recognized in the industry.”

Plurilock’s ADAPT solution provides multi-factor authentication for login or credential workflows,providing an additional, invisible authentication factor using behavioral biometrics, while reducing two-factor authentication (2FA) prompts. Plurilock’s DEFEND product is a continuous authentication platform that offers identity assurance and compromise detection, alerting IT security personnel to potential threats in real time. Any negative findings noted in the report were mitigated during the observation period with the firm and there are no outstanding mitigations. Plurilock will revisit the SOC Type II compliance process on a yearly basis.

About Plurilock
Plurilock provides identity-centric cybersecurity for today’s workforces. The Plurilock family of companies enables organizations to operate safely and securely while reducing cybersecurity friction. Plurilock offers world-class IT and cybersecurity solutions through its Solutions Division, paired with proprietary, AI-driven and cloud-friendly security through its Technology Division. Together, the Plurilock family of companies delivers persistent identity assurance with unmatched ease of use.

For more information, visit https://www.plurilock.com or contact:
Ian L. Paterson
Chief Executive Officer
ian@plurilock.com
416.800.1566

Roland Sartorius
Chief Financial Officer
roland.sartorius@plurilock.com

Prit Singh
Investor Relations
prit.singh@plurilock.com
905.510.7636

Forward-Looking Statements
This press release may contain certain forward-looking statements and forward-looking information (collectively, “forward-looking statements”) related to future events or Plurilock’s future business, operations, and financial performance and condition. Forward-looking statements normally contain words like “will”, “intend”, “anticipate”, “could”, “should”, “may”, “might”, “expect”, “estimate”, “forecast”, “plan”, “potential”, “project”, “assume”, “contemplate”, “believe”, “shall”, “scheduled”, and similar terms. Forward-looking statements are not guarantees of future performance, actions, or developments and are based on expectations, assumptions, and other factors that management currently believes are relevant, reasonable, and appropriate in the circumstances. Although management believes that the forward-looking statements herein are reasonable, actual results could be substantially different due to the risks and uncertainties associated with and inherent to Plurilock’s business. Additional material risks and uncertainties applicable to the forward-looking statements herein include, without limitation, the impact of general economic conditions, the success of the Company in obtaining new or extended contracts or orders; the Company’s ability to maintain existing customers or develop new customers; the Company’s ability to successfully integrate acquisitions of other businesses and/or companies or to realize on the anticipated benefits thereof; and unforeseen events, developments, or factors causing any of the aforesaid expectations, assumptions, and other factors ultimately being inaccurate or irrelevant. This list is not exhaustive of the factors that may affect the Company’s forward-looking statements. Many of these factors are beyond the control of Plurilock. All forward-looking statements included in this press release are expressly qualified in their entirety by these cautionary statements. The forward-looking statements contained in this press release are made as at the date hereof, and Plurilock undertakes no obligation to update publicly or to revise any of the included forward-looking statements, whether as a result of new information, future events, or otherwise, except as may be required by applicable securities laws. Risks and uncertainties about the Company’s business are more fully discussed under the heading “Risk Factors” in its most recent Annual Information Form. They are otherwise disclosed in its filings with securities regulatory authorities available on SEDAR at www.sedar.com.

Neither TSX Venture Exchange nor its Regulation Services Provider (as that term is defined in the policies of the TSX Venture Exchange) accepts responsibility for the adequacy or accuracy of this release.

  1. https://www.aicpa.org/about/missionandhistory.html
  2. https://www.aicpa.org/interestareas/frc/assuranceadvisoryservices/aicpasoc2report.html
  3. https://www.securitymagazine.com/articles/95143-of-organizations-have-experienced-adata-breach-caused-by-a-third-party