Productboard is SOC 2 certified!
At Productboard, we continuously invest in security best practices to ensure that our customers’ data is safe. Today, we’re pleased to announce that we’ve successfully completed our SOC 2 Type I attestation, covering “Security and Availability Principles”. The SOC 2 report includes Productboard management’s description of Productboard’s trust services and controls as well as an independent auditor’s opinion of Productboard’s infrastructure and application system design.
Keeping our customers’ data safe and secure is our highest priority. The recent SOC2 report shows our ongoing commitment to protect our customers’ data so they can focus on the most important work for their businesses by having trust in our policies, procedures and security program.
What is SOC 2 Type I attestation?
SOC 2 is considered the gold standard for security compliance of SaaS companies. SOC 2 requires companies to establish and follow strict information security policies and procedures, taking into account areas of security, availability, and confidentiality of the customer data.
Achieving SOC 2 Type I attestation is a proof that our software development processes, technical security controls and administrative procedures meet required levels of oversight and monitoring defined by the industry standard.
The SOC 2 Type I report is performed by an independent auditing firm and is intended to provide our customers with proof that we’re not only talking, but also actually doing all what we state in our policies when it comes to protecting our customers’ data. Thanks to a company-wide effort we managed to get certified in the following areas:
- Security: All components of the system are protected against unauthorized access or external threats.
- Availability: Productboard is highly-available for operation and use as committed or agreed
Thanks to this certification we strengthen the relationship we have with our customers, which is based on SOC2 “trust service principles”.
Our ongoing commitment in privacy and security
This certification is just one aspect of our growing security program that includes ongoing privacy improvements in GDPR, CCPA and EU or US Data Protection laws and regulations.
To further demonstrate our commitment to larger customers, we’re already making strides towards the SOC 2 Type II attestation, and we expect that to be finalized by the beginning of Q1 2021. We are committed to carrying out an annual SOC 2 attestation to ensure we continue to build on what we have put in place and to keep supporting our customers’ needs. We are also continuing to invest in enterprise governance and scalability features to give our customers additional control and security.