Rocketlane advances to SOC 2 Type 2 Compliance and Certification

Six months ago, we announced the first milestone in our data and compliance journey: our SOC 2 Type 1 certification. Today, we’re thrilled to announce the next milestone: our SOC 2 Type 2 certification. 

What does this mean for us? 

This means that an independent auditor conducted a comprehensive audit of our practices, policies, and operational processes over a period of time and found them to meet the rigorous SOC 2 standards set by the American Institute of Certified Public Accountants (AICPA).

What is SOC 2 Type 2 compliance? How is it different from SOC 2 Type 1? 

The SOC 2 compliance outlines a framework of data security standards based on five principles (Security, Availability, Confidentiality, Processing Integrity, and Privacy) developed and maintained by the AICPA. This assessment aims to ensure that a business has in place the best practices required for secure handling, management, and storage of data. 

SOC Type 1 vs. Type 2

While Type 1 reviews the suitability of an organization's controls as of a specified date, Type 2 is a more rigorous and continuous assessment over a specified period. 

The Type 2 certification is proof that the company has data security policies, processes, and controls implemented to ensure continued compliance and reliability. In effect, the Type 2 report certifies the effectiveness of the design and implementation on an ongoing basis. 

Proving Continuous Adherence: Why SOC Type 2 matters

The SOC 2 Type 2 certification is a thorough review of our internal controls, policies, and processes that relate to our entire IT operations–from infrastructure management, software development, change management, network security, physical/environmental security, to due diligence in employee hiring, employee training, vendor management, and risk management. 

The SOC 2 certification is evidence of our commitment to data security and a validation of our robust capabilities to do so.

What this means for Rocketlane customers

When our customers use Rocketlane, they trust us not just with their onboarding journeys but also with their internal and customer data. Achieving the SOC 2 Type 2 certification is our way to demonstrate our promise of protecting this data by adhering to industry standards that they can trust. 

The SOC 2 certification is assurance that we comply with industry-standard  security principles of:

1. Security: Ensuring that we follow best practices like access controls, identity management, encryption, breach alerts, and more
2. Availability: Implementing systems and princesses that guarantee performance and uptime with provisions for disaster recovery and incident management
3. Integrity: Ensuring that our systems process information accurately with adherence to the best data processing and quality assurance standards/protocols
4. Confidentiality and privacy: Having controls in place to ensure our customers' data is safe from unauthorized access
   

We are committed to renewing and preserving our SOC 2 compliance annually to guarantee our customers the highest information and data security standard. 

We look forward to sharing more such updates in the future to help our customers rest easy knowing that their data is secure with us always.

More like this

1. 4 Ways Rocketlane Makes Customer Onboarding Smoother, Simpler, Smarter
2. Meet Rocketlane Forms: Collect and organize data in a jiffy
3. Rocketlane X Slack: Collaborate from the comfort of Slack
4. Introducing Time Tracking for Customer Projects
5. Introducing Resource Management by Rocketlane