Six months ago, we announced the first milestone in our data and compliance journey: our SOC 2 Type 1 certification. Today, we’re thrilled to announce the next milestone: our SOC 2 Type 2 certification.
This means that an independent auditor conducted a comprehensive audit of our practices, policies, and operational processes over a period of time and found them to meet the rigorous SOC 2 standards set by the American Institute of Certified Public Accountants (AICPA).
The SOC 2 compliance outlines a framework of data security standards based on five principles (Security, Availability, Confidentiality, Processing Integrity, and Privacy) developed and maintained by the AICPA. This assessment aims to ensure that a business has in place the best practices required for secure handling, management, and storage of data.
While Type 1 reviews the suitability of an organization's controls as of a specified date, Type 2 is a more rigorous and continuous assessment over a specified period.
The Type 2 certification is proof that the company has data security policies, processes, and controls implemented to ensure continued compliance and reliability. In effect, the Type 2 report certifies the effectiveness of the design and implementation on an ongoing basis.
The SOC 2 Type 2 certification is a thorough review of our internal controls, policies, and processes that relate to our entire IT operations–from infrastructure management, software development, change management, network security, physical/environmental security, to due diligence in employee hiring, employee training, vendor management, and risk management.
The SOC 2 certification is evidence of our commitment to data security and a validation of our robust capabilities to do so.
When our customers use Rocketlane, they trust us not just with their onboarding journeys but also with their internal and customer data. Achieving the SOC 2 Type 2 certification is our way to demonstrate our promise of protecting this data by adhering to industry standards that they can trust.
The SOC 2 certification is assurance that we comply with industry-standard security principles of:
We are committed to renewing and preserving our SOC 2 compliance annually to guarantee our customers the highest information and data security standard.
We look forward to sharing more such updates in the future to help our customers rest easy knowing that their data is secure with us always.