After an independent audit of our data access documents, an examination of our security controls, and an extensive inspection and test of our systems — we are proud to announce that Sastrify is officially SOC 2 Type 2 compliant.

Achieving System and Organization Controls (SOC) Type 2 compliance requires that cloud vendors provide third-party assessments of their security safeguards. These assessments cover five Trusted Service Principles (TSPs): Security, Availability, Processing Integrity, Confidentiality, and Privacy.

What is a SOC 2 report?

SOC 2 is an auditing process that assesses whether a service provider meets certain standards for protecting client data. There are two different types of SOC 2 reports: Type 1 and Type 2. Organizations can elect to pursue either, or both, Type 1 and/or Type 2 audits to receive their SOC 2 report.

A successful SOC 2 Type I audit demonstrates that a SaaS provider’s controls were designed appropriately to protect customers' data as of a single point in time, while a successful SOC 2 Type 2 audit demonstrates that controls were designed appropriately and operating effectively over a specified period of time to protect customers’ data.

What does SOC 2 Type 2 compliance mean for Sastrify’s customers?

Rest assured knowing that our team has taken every opportunity to ensure our systems and data remains secure. We’ve built the best practice of the SOC 2 framework into our daily operations.

If you’re a Sastrify customer and would like to receive a copy of the SOC 2 report, please get in touch with your Customer Success Manager. If you aren’t yet a Sastrify customer, please fill out the form below to get started with a free analysis of your SaaS savings with one of our experts.