We achieved SOC 2, Type 2 compliance at Process Street, and I want to give you a quick rundown of what that security milestone means for us and our customers.
As we help thousands of organizations implement business-critical processes, an incredible amount of data is constantly moving through or being stored on our platform. You’ve entrusted us to securely handle your user and workflow information at all times, and we take that responsibility seriously every day.
Part of our commitment to security manifests in the admin and user controls we make directly available to you — for example, role-based access, single sign-on, and identity management integrations.
But a lot of the work to keep your data safe happens behind the scenes, and that’s where SOC 2 comes in.
What is SOC 2 compliance?
SOC 2 is a set of criteria developed by the American Institute of CPAs (AICPA) to help assess the controls and systems a company has in place for handling customer data.
As part of the compliance process, an independent auditor reviews detailed information on hundreds of internal controls related to risk assessment and mitigation, monitoring practices, system operations, employee access, and more. The audit concludes with a detailed report, and compliance is only achieved with a “clean” report — one with no exceptions or deficiencies found by the auditor.
Going through this process has helped us to remain laser-focused in our commitment to data security, and that won’t change now that we’ve reached compliance. We worked closely with Drata to prepare for our audit and will keep using their services to continuously monitor our internal controls. Compliance itself is also time-sensitive, so we plan to get a new SOC 2 audit each year.
What does SOC 2 compliance mean for Process Street customers?
For customers all of this means extra transparency and peace of mind regarding how we handle your data. We welcome current and prospective enterprise plan customers to request a full copy of our SOC 2 report, so talk with your customer success manager or account rep.