The time has come! As of September 29, 2022, Valohai is officially SOC 2 Type II compliant.
SOC 2 compliance "demonstrates your organization's ability to effectively safeguard the privacy and security of customer data. But achieving SOC 2 can be time-consuming and expensive." as put by Vanta, who helped us automate our compliance practices and get the certification.
Was it easy? No. Was it worth it? Definitely.
For Valohai, being SOC 2 compliant means that as a company we fulfill 5 trust principles: security, confidentiality, availability, privacy, and processing integrity. Unlike SOC 2 Type I certification that is done at a single point in time, SOC 2 Type II compliance is a long-term commitment that involves constant supervision of our safety and security practices by independent auditors.
For our customers it means peace of mind as their highly sensitive data is safe with us. Valohai uses Intruder Systems Ltd., a CREST-approved vulnerability scanner for continuous vulnerability management and attack surface monitoring as part of our security practices.
Privacy and security of our customers have always been one of our top priorities. We wanted to reinforce our commitments with solid actions that would speak louder than words. Thus, we decided that acquiring SOC 2 Type II compliance is the way to go. Our team is determined to remain SOC 2 compliant for the years to come.
Eero Laaksonen – CEO, Valohai.
You can check Valohai's trust report on our Vanta page. And if you have more questions about our newly acquired SOC 2 compliance, head on to the trust center to request a copy of our SOC 2 compliance report or send your SOC-related questions to firstname.lastname@example.org.