A Service Organization Control (SOC) audit is one of the most extensive tests an organization can undergo to demonstrate the ongoing maintenance of high-level information security. Today, we’re thrilled to announce that Checkly is SOC 2 Type 1 compliant after completing a successful audit by an accredited auditing firm. This demonstrates that Checkly’s information security policies, procedures, and practices meet the SOC 2 guidelines for security and data privacy.
Information Security for SaaS Providers
Security and privacy are two of our highest priorities for Checkly. Completing the SOC 2 Type 1 audit is a major milestone and a testament to this. As a leading synthetic monitoring platform, Checkly has now also become one of the first SaaS monitoring vendors to complete the SOC 2 Type 1 audit.
Why is SOC 2 so important?
Developed by the American Institute of CPAs (AICPA) SOC 2 defines criteria for managing customer data based on five “trust service principles”—security, availability, processing integrity, confidentiality, and privacy. With that, SOC 2 is the standard for security compliance for SaaS applications that handle customer data.
With the completion of our SOC 2 Type 1 audit, our customers and users are assured there has been an independent and full review of Checkly’s security and privacy practices. Users also have the assurance that security controls are being implemented and practiced throughout Checkly on an ongoing basis. SOC 2 instills best practices from the start, but those practices must be continued and expanded.
What's next for Checkly’s security efforts
We continue to progress and enhance organizational controls and regularly review the security status within our organization, as well as third-party vendors and SaaS tools. We’ll continue to conduct security penetration testing, hold disaster recovery exercises, schedule security incident training for employees, and review and fix security vulnerabilities in software dependencies.
In the next few months we’ll pursue the next SOC 2 attestation, known as SOC 2 Type 2. And because we serve customers across a variety of industries, including retail, automotive, internet, and software, we plan to consider additional security standards as needed.
We understand compliance is an ongoing journey and a collaborative effort, and we will continue to design our organization and technology to adhere to the most advanced security requirements, as well as to support our customers' own compliance processes.
The Checkly SOC 2 Type 1 report is now available upon request by emailing firstname.lastname@example.org. Have questions? Contact us!