firmChannel's Parent Company Achieves SOC 2 Type II Security Certification as the Digital Signage Industry Faces Growing Cyber Threats

Vaughan, Ontario

Corum Digital Corporation, parent company of the firmChannel digital signage platform, has achieved SOC 2 Type II certification with no exceptions. The company also completed a clean third-party penetration test, providing additional independent validation of its security posture.

SOC 2, which stands for System and Organization Controls 2, is an auditing framework developed by the American Institute of Certified Public Accountants (AICPA). A Type II audit goes beyond point-in-time assessments by examining whether an organization's security controls have been consistently maintained and operating effectively over months of continuous operation. The audit was conducted by SAV Associates, a licensed CPA firm.

The certification covers the firmChannel platform specifically, including the cloud infrastructure that hosts the CMS, user authentication and access controls, data storage and transmission, the software development and change management process, and employee security practices spanning hiring, training, and access revocation.

"Our resellers serve customers in healthcare, financial services, government, and education, industries where vendor security documentation is a procurement requirement, not a nice-to-have," said Amedeo Tarzia, President and CEO of Corum Digital. "This certification gives every firmChannel reseller independently verified evidence they can put in front of their customers' security teams. That changes the conversation."

An Industry Under Pressure

The certification arrives at a time when the digital signage industry is contending with serious and visible security failures.

In April 2025, hackers exploited a third-party digital signage provider's systems and took control of menu board displays at roughly 300 Canadian restaurant locations simultaneously, forcing the chain to take all screens offline while it worked to regain control. The breach affected both indoor and drive-thru displays across every location on the network.

A January 2025 study by the Hong Kong Computer Emergency Response Team (HKCERT) tested eight digital signage brands and identified 20 security vulnerabilities, 10 of them classified as high-risk. Researchers demonstrated they could gain control of a signage device in under three seconds. The vulnerabilities included weak encryption, inadequate authentication, and exposed management interfaces.

These incidents reflect a broader pattern. The 2025 Verizon Data Breach Investigations Report, which analyzed more than 22,000 security incidents globally, found that 30% of confirmed data breaches involved third-party vendors. That figure doubled from 15% in the previous year's report.

"The firmChannel platform connects to our customers' corporate networks through every reseller deployment," said Wess Bechard, Chief Technology Officer at Corum Digital. "Our resellers handle the implementation, but the platform security underneath every installation is our responsibility. The incidents across our industry this year have reinforced why that responsibility requires independent verification."

What This Means for firmChannel Resellers

For firmChannel's authorized reseller network, the SOC 2 Type II certification addresses a challenge that channel partners in the digital signage industry have faced for years: how to satisfy enterprise security requirements for a platform they didn't build.

When a firmChannel reseller responds to an enterprise RFP or faces a vendor risk assessment, the security questions about the CMS platform, its cloud infrastructure, its data handling practices, and its development processes all point back to the platform provider. Until now, resellers across the industry have typically had to relay answers from their upstream vendors without independent verification to back them up.

firmChannel resellers can now provide Corum Digital's SOC 2 Type II report directly to their customers' procurement and security teams. The report is a standardized document that IT security committees, compliance officers, and third-party risk management programs recognize and know how to evaluate. It answers the majority of platform-related questions that enterprise vendor assessments typically raise.

"Our resellers shouldn't have to convince a hospital's security committee or a bank's vendor risk team to take their word on platform security," said Tarzia. "The SOC 2 report does that work with independent evidence. That's a competitive advantage most digital signage resellers simply don't have access to."

What the Audit Examined

The SOC 2 Type II audit examined Corum Digital's controls across access management, network security, data protection, vulnerability management, change management, incident response, and organizational governance. The observation period covered months of continuous operations, with the auditor sampling evidence throughout to verify that documented controls were functioning as designed.

Because the certification covers the firmChannel platform itself, the security assurance extends to every deployment across the reseller network. Every firmChannel installation runs on the same certified infrastructure, the same certified codebase, and the same certified operational processes that were examined during the audit.

Innovation and Security

The SOC 2 Type II certification builds on firmChannel's recognition by Frost & Sullivan in the 2025 Frost Radar: Digital Signage Solutions report. Frost & Sullivan evaluated digital signage providers globally and recognized firmChannel among the top three platforms globally for innovation.

"Enterprise buyers and the resellers who serve them should be able to expect both: a platform recognized for innovation and one that's independently audited for security," said Tarzia. "If a reseller's upstream platform provider can't produce a verified security report, that gap becomes the reseller's problem in every enterprise deal."

Report Availability

The SOC 2 Type II report is available to firmChannel authorized resellers and their customers upon request under NDA. Resellers can contact their firmChannel account manager or email security@corumdigital.com. Prospective resellers and customers can learn more at www.firmchannel.com.

About firmChannel

firmChannel is a cloud-based digital signage CMS platform sold exclusively through a network of authorized resellers across North America and globally. The platform serves enterprise organizations in healthcare, financial services, education, government, retail, and corporate communications, combining an intuitive content management interface with the security infrastructure that regulated industries require. firmChannel is developed and operated by Corum Digital Corporation, recognized by Frost & Sullivan in 2025 as Canada's most innovative digital signage company. Learn more at www.firmchannel.com.

SOURCE Corum Digital Corporation

Media Contact: Albert Rose, Media Relations, Email: pr@corumdigital.com, Phone: +1 (416) 342-0609