Originally published at: https://blog.particle.io/particle-is-officially-soc-2-type-ii-compliant/
Today, we’re proud to announce that Particle is officially SOC 2 Type II compliant in regards to security and confidentiality. Obtaining this certification is an important step in our company history, and valuable independent assessment of our information security practices.
SOC 2 Type II reports are the most comprehensive certification within the Systems and Organization Controls protocol. Businesses seeking a vendor like Particle will find SOC 2 Type II is the most useful certification when considering a possible service provider’s security credentials.
A company that has achieved SOC 2 Type II compliance has proven its system and processes are designed to keep its clients’ sensitive data secure. When it comes to working with the cloud, security and confidentiality are absolutely essential and increasingly required by customers, regulators, examiners, and auditors.
For our customers, the SOC 2 Type II certification does two things:
- It provides independent confirmation that Particle’s security practices are aligned with a rigorous cloud service standard.
- As a critical service provider to your organization, it provides a key piece of evidence for your own vendor security and compliance process.
The audit reviewed Particle’s security posture throughout 2020 (not just at a point in time), and validated 164 security, confidentiality and governance processes were operating effectively without exceptions.
Our SOC 2 Type II report is available for enterprise customers, and prospective enterprise customers under NDA, but of course, it covers the entirety of our offering, and all users of the platform benefit from the same level of rigor when it comes to security.
Obtaining SOC 2 Type II required the support and involvement of everyone at Particle, and personally, I’ve been humbled, but not surprised, by how seriously the entire team has taken the process and played a role in getting us across the line.
The SOC 2 Type II is the second third party audit we have completed this year, with the first being a GDPR/CCPA Gap Assessment.
We thank you for building on Particle, and will continue to invest in our security and compliance program to ensure that your data is as secure as possible.