Today, we’re excited to announce that we’ve achieved recognition for operating our business in compliance with the SOC 2 and ISO 27001 standards. We’ve been committed to upholding the highest levels of trust and security for you since day one, and we’re proud of the work we’ve done to meet these industry standards for information and data security.
Read on to learn more about what these standards are, and why they matter to you.
What are SOC 2 and ISO 27001?
SOC 2 and ISO 27001 are voluntary compliance standards that organizations pursue to validate their security and privacy practices, availability, and more. An audit of the organization’s services and controls is always completed by an independent, certified third-party.
SOC Reports are frameworks developed by The American Institute of Certified Public Accountants (AICPA), and ISO Standards are managed by the International Organization for Standardization (ISO). The SOC 2 Type II report is designed for service providers who store customer data in the cloud, and measures their adherence to strict criteria (more on that in the section below). ISO 27001 is considered the world’s leading information security management system (ISMS) standard, and establishes best practices for securing information like financial data, employee details, data from third parties, and more. There is some overlap between the two standards.
Is SOC 2 just about security?
A SOC 2 report can cover more than just security — there are five different areas of focus or Trust Services Criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy. Our SOC 2 Type II report provides a detailed overview of our processes and controls-based assurance for Security, Availability, and Confidentiality.
Why does this matter?
We know security matters to you, and is often one of your biggest concerns. Achieving compliance with these standards means that our development and business processes meet clearly-defined standards for operating Fleetsmith safely and securely.
If you’re an IT manager, you might need approval from your security and/or compliance teams before purchasing a new product. Our SOC 2 report should make that security review process faster and smoother — so you can get Fleetsmith up and running more quickly, letting you automatically set up new devices, patch your fleet with important software updates, and detect and prevent problems with your fleet.
Our journey has just begun
Achieving compliance with the SOC 2 and ISO 27001 standards means that we are committed not just this year or the next — we are committed to operating our business in compliance with these standards every year going forward. Our auditors will request evidence to prove that we’ve continued to follow the policies, processes, and technical controls we’ve put in place on an annual basis. We look forward to demonstrating, year after year, that we’re worthy of your trust.
To get access to our SOC 2 report and ISO 27001 certificate, get in touch at firstname.lastname@example.org.