Vista Group is proud to announce that we have achieved SOC 2 Type 1 for Vista Cloud* and movieXchange, with a successful audit from AssuranceLab.

We are dedicated to providing highly secure and performant solutions, and whether you use our cloud or on-premise software, our achievement of SOC 2 Type 1 provides benefits for all our clients.

Exhibitors must protect their businesses, guests, and employees against the potentially devastating and wide-reaching impacts of a cybersecurity breach. That is why our solutions are built upon a foundation of market-leading technology that delivers security, compliance, and proactive support. We call this Core Confidence, and with our recent SOC 2 Type 1 attestation for Vista Cloud and movieXchange, our clients can be even more confident that our information security processes reflect our ongoing commitment to delivering robust, secure solutions.

What is SOC 2?

SOC 2 (Service Organisation Controls 2) is a voluntary industry-leading compliance standard for demonstrating that an organisation maintains a high level of information security.

To meet these standards, SOC 2 evaluates the design and operating effectiveness of Vista Group’s security, risk, and control practices, including:

• Security — covering basic systems and data security.
• Availability — the reliability and resilience of our systems and services.
• Confidentiality — how data is classified, handled, and retained in-line with its level of sensitivity.
• Privacy — how we manage personally identifiable data in-line with the privacy rights of individuals.

In essence, SOC 2 Type 1 confirms that Vista Group’s systems and systems design comply with the high standard of these trust principles.

What does SOC 2 mean for Vista Cloud clients?

For our Vista Cloud clients, SOC 2 attestation demonstrates our dedication to providing you with remarkable solutions that are reliable and secure. This is a fundamental part of Core Confidence and SOC 2 is the next step in showing our investment in the security and privacy of your data.

Our keen focus on security means the operational workload for Vista Cloud clients is reduced. With less responsibility required from cinema teams, clients benefit from the greater investment in security than perhaps they could have achieved independently.

What does SOC 2 mean for Vista Classic clients?

All of our clients benefit from our continued commitment to provide safe and secure platforms.

The strengthening of our security practices has a flow on effect that goes beyond our Vista Cloud clients and we are committed to supporting all clients as we make continuous improvements to our processes and systems.

What is happening next for Vista?

SOC 2 Type 1 is not the end of the journey. While it marks a significant milestone for us, SOC 2 requires ongoing effort to maintain and continuously improve our security practices.

Beyond Type 1 attestation, the next step for Vista Group is achieving SOC 2 Type 2 for Vista Cloud* and movieXchange. Where Type 1 focuses on the details of the design and documentation of our systems, Type 2 is about proving their operational efficiency and effectiveness in practice.

SOC 2 Type 2 requires a long-term auditing process that is expected to take up to 12 months.

We are also hard at work investigating the timeline to achieve SOC 2 Type 1 for our other cloud-based solutions such as Movio Cinema EQ, Numero, Mica, and Veezi.

In addition to our work with SOC 2, we aim to partner with our cinema clients to form a Security Council, to continue to develop a deeper understanding of their ongoing security concerns and focus areas.

‍

* Currently not including Movio Cinema EQ, Numero, Cinema Intelligence, and MX Passes.