Skedda now supports Spanish, French, and German!
We’re thrilled to announce that Skedda has achieved SOC 2 Type 1 compliance! This designation serves as a third-party industry validation that Skedda provides enterprise-level security for customer data secured in our solutions system.
“Earning SOC 2 Type 1 compliance is a testament to our unwavering commitment to security, reliability, and trust. This milestone validates the rigorous standards we uphold to protect customer data, and it’s just the beginning,” said Matthew Esposito, Director of Engineering at Skedda. “We’re continuously strengthening our security practices to meet and exceed industry expectations while actively pursuing additional compliance frameworks.”
In today’s complex and regulated environment, our customers entrust us to protect their data using industry-standard tools and practices. At Skedda, we’re committed to managing your data with world-class industry standards of security and compliance—and this is just the first of many milestones in our data privacy goals.
What is SOC 2 & Why is it important?
SOC 2 (Service Organization Control 2) is a set of standards designed to help organizations manage and protect data to safeguard the interests and privacy of their customers. The American Institute of Certified Public Accountants (AICPA) developed these standards to offer a verified method for evaluating and certifying an organization’s security infrastructure.
SOC 2 is comprised of five key Trust Services Criteria (TSC), which provide a framework for organizations to establish robust data security practices:
- Security: Protects information and systems from unauthorized access, disclosure, and damage
- Availability: Ensures that systems are accessible and usable to meet business needs
- Processing Integrity: Ensures that systems process data accurately and reliably
- Confidentiality: Restricts unauthorized access to systems and data
- Privacy: Protects the rights of consumers and their data
Organizations undergo a SOC 2 audit by a third-party auditor who will assess their security infrastructure against these five criteria. Only by demonstrating compliance with all the five criteria will an organization receive its SOC 2 certification. Skedda’s Trust Center gives an overview of the multi-layer, “defense in depth” efforts made by Skedda to meet these requirements.
How This Benefits Our Customers
At Skedda, protecting your data is our highest priority. We’ve built our platform with robust security measures and best practices that defend your organization’s sensitive information at every step. Our SOC 2 Type 1 compliance underscores this commitment and affirms that our internal processes meet rigorous industry standards:
Robust Encryption
We use FIPS 140-2 compliant, AES-256 symmetric encryption on our database to encrypt all of your stored data. All your data is also encrypted “in flight” using Transport Layer Security (TLS 1.2 minimum), with strict HTTPS requirements and robust security certificates validated by trusted Certificate Authorities.
Strict Access Control
Access permission is role-based, meaning only authorized personnel can view or modify production systems. Access is also time-limited, ensuring that permissions are granted only when necessary and automatically revoked. Our mandatory multi-factor authentication (MFA) adds an extra layer of protection for sensitive operations.
Continuous Monitoring
Our systems undergo regular vulnerability scans and real-time monitoring to catch and address threats quickly. Independent penetration testing and real-time compliance monitoring guarantee ongoing adherence to security best practices.
Backup and Recovery
We maintain automated, encrypted backups across multiple regions, ensuring that your data remains protected and recoverable in the event of an outage or disaster. We regularly test our recovery procedures to validate their effectiveness.
Skedda’s Journey to SOC 2 Compliance
Prescient Security, a leader in security and compliance attestation for B2B SAAS companies worldwide, performed the security audit. With their guidance and support, we were able to achieve SOC 2 compliance in a swift, efficient manner.
We partnered with Vanta, the leader in the trust management space, to help us automate the collection of our audit evidence. They provided real-time insights and continuous monitoring, which helped us streamline security and compliance effortlessly.
If you’re ready to manage your workspaces more securely and effectively, create your free Skedda account today.
