We’re excited to announce that AirOps is officially SOC 2 Type II compliant as of January 29, 2023. 🎉
This highlights our commitment to building and delivering a trustworthy, secure platform that gives people data superpowers at work while exponentially increasing their efficiency.
What this means for our customers
“Are you SOC 2 certified?” is a question we’ve received a lot over the last year or so, and for good reason. Security should always be top-of-mind when choosing which vendors to trust with your organization’s data.
Security has been at the heart of our internal architecture from the beginning, but we also recognize the need for additional security best practices and internal controls. In addition to security, the criteria for managing customer data under SOC 2 compliance includes four additional principles of trust: availability, processing integrity, confidentiality, and privacy.
Now, current and prospective customers have concrete proof that our internal controls, systems, policies, and procedures all meet the most stringent standards.
What is SOC 2 Type II compliance?
If you’re unfamiliar with SOC 2 compliance standards, here’s a great breakdown from Checkpoint:
“SOC 2 is a voluntary compliance standard for service organizations, developed by the American Institute of CPAs (AICPA), which specifies how organizations should manage customer data. The standard is based on the following Trust Services Criteria: security, availability, processing integrity, confidentiality, privacy. …These internal reports provide organizations and their regulators, business partners, and suppliers, with important information about how the organization manages its data.”
There are two types of SOC 2 compliance, Type I and Type II.
Type I looks at the design of an organization's systems and assesses if they’re compliant with certain trust principles (we achieved Type I compliance in November 2022!). Basically, SOC 2 Type I compliance looked at all of the claims we make about our systems, the actual systems that are in place, and the policies we’ve adopted.
Type II goes deeper and looks at the operational efficiency of those internal systems. Proving compliance was a three month process to verify that our teams follow those policies and that all systems are working properly.
Basically, SOC 2 Type II compliance tells the world that AirOps doesn’t just talk the talk, we walk the walk. 😎
Where can I learn more about how AirOps maintains SOC 2 Type II compliance?
Existing AirOps customers can reach out to our team for a copy of our SOC 2 Type II audit report.
If you’re not a customer yet, but still want to confirm that you can trust us with your most important data, contact us via email (email@example.com) or through our live chat feature. We can share our full SOC 2 audit report under an NDA.