To provide the best recommendations possible, Shaped sits directly on top of your data stack to ingest your companies data. This data can be sensitive and it’s why, since the beginning of Shaped, we knew the importance of building a secure system from the ground-up. From day one we’ve focused on building an engineering and governance culture, where security is considered as top priority.
As best practice security and governance is something we’ve always focused on, it made sense for us to get audited and certified for the SOC 2 compliance framework. Now our customers can feel confident that we are compliant, without just having to take our word for it.
So, what exactly is SOC 2 compliance, and why is it important for both Shaped and our customers?
SOC 2 compliance is a set of security standards set by the American Institute of Certified Public Accountants (AICPA) that assesses the security, availability, processing integrity, confidentiality, and privacy of a company's systems and data. This type of compliance focuses on the company's control environment, including its policies, procedures, and management structure.
For Shaped, SOC 2 compliance means that we have undergone a rigorous and comprehensive evaluation of our systems, processes, and infrastructure. The compliance requires that we demonstrate that we have implemented appropriate security measures and that these measures are in line with industry best practices. For our customers, the SOC 2 compliance is a clear indication that we take security seriously and have made a commitment to protecting your data.
We partnered with Vanta, the leader in continuous compliance monitoring, to help us automate the collection of our audit evidence. Vanta provides us with the strongest security foundation to protect our customer data. It performs daily checks on our cloud infrastructure and business tools and gives us a real-time view of our security controls.
Shaped was audited by Prescient Assurance, a leader in security and compliance attestation for B2B, SAAS companies worldwide. Prescient Assurance is a registered public accounting in the US and Canada and provides risk management and assurance services which includes all the common compliance frameworks.
Get in touch!
We are proud to have achieved SOC 2 compliance, and we look forward to continuing to provide secure and trustworthy services to our customers. Let us know if you would like access to our compliance reports, or need a custom Data Processing Agreement (DPA) for your use-case. You can get in touch with us at firstname.lastname@example.org or book a demo of Shaped here.
For more information about our security principals and compliance, please refer to our Security docs.