We’re extremely excited to announce that Octane11 has achieved SOC 2 Type 2 Compliance for Security, Availability and Confidentiality. As a trusted data integration and analytics platform, protecting our customers’ data is a top priority. That’s why over the last year, we worked with security and compliance automation platform Drata to implement the necessary policies and controls to achieve SOC 2 Type 2 compliance, the gold standard of data protection.
During the last two quarters, Octane11’s controls were reviewed by one of the “Big 4” accounting firms to confirm our adherence to these stringent standards. Their review of literally 142 criteria and controls found Octane11 to be 100% compliant with the most exacting industry standards. For a bit more color on the SOC 2 standard and what this certification means for our clients and partners, read on:
What is SOC 2 Type 2?
Service Organization Control 2 (“SOC 2”) is an internationally recognized standard developed and maintained by the American Institute of CPAs (“AICPA”). SOC 2 defines criteria for building cloud-based software systems and managing customer data in a way that ensures the security, availability, and confidentiality of customer data. SOC 2 Type 2 compliance is awarded to businesses by external auditors including “Big 4” firms like EY, KPMG and other accredited firms, based on assessing compliance with one or more of these trust principles over a defined period of time (whereas Type 1 is based on a review at a single point in time). Octane11 was audited over a 90-day period during Q2 and Q3 this year for compliance with three critical trust principles – security, availability, and confidentiality – and will undergo an annual review again next year.
Why did Octane11 complete the SOC 2 Type 2 assessment?
Octane11 helps B2B companies connect data across marketing, sales, customer service, and product usage tools, so they can create a clear picture of operations across teams. Since Octane11 is handling critical client data, we wanted to make sure that we are implementing best-in-class practices for security, availability and confidentiality in all that we do, so our clients can have total confidence in our platform. As a high-growth company, completing a SOC 2 assessment early on ensures that we are always designing and building solutions with these principles in mind.
How does a company achieve SOC 2 Type 2 compliance?
To complete the SOC 2 Type 2 review, we put a wide range of policies and tools in place that all Octane11 employees follow. We were also required to demonstrate that all of our internal systems and infrastructure was properly monitored and secured against external and internal threats. All Octane11 employees undergo background checks before joining, complete security training, and are equipped with the tools they need to comply with our policies. To track our compliance with all of these measures over the course of a 90-day period, we worked with an outstanding security and compliance automation platform called Drata – which also allows us to continuously monitor our controls and maintain compliance on an ongoing basis.
What is the benefit of Octane11’s SOC 2 Type 2 compliance for our clients and partners?
By adhering to SOC 2 Type 2 requirements, Octane11 ensures that any client or partner can be confident that we are putting the utmost focus and attention on security, availability and confidentiality. For clients and partners that are managing their own SOC 2 or similar compliance requirements, they can request access to our auditor’s attestation to include in their own reports as needed. If you’d like a link to Drata’s real-time tracking of our SOC 2 compliance or a copy of our auditor’s report, please let us know!
And if you’re a B2B Sales & Marketing leader, interested in learning how Octane11 connects data across teams while adhering to the highest industry standards of data security, availability and confidentiality – please reach out for a demo!
