Aiven officially achieved SOC 2 compliance in October 2019. Developed by the American Institute of Certified Public Accountants (AICPA), SOC 2 requires that companies have the policies, procedures, and guidelines in place to ensure the security, availability, processing integrity, and privacy of customer data.
Externally verified SOC 2 compliance ensures that your providers meet this standard and securely manage and protect your data. Along with ISO 27001:2013 certification, which Aiven also holds, SOC 2 attestation leverages third-party verification of Aiven’s information security posture, policies and processes.
“Both SOC 2 and ISO 27001 require supplier management to ensure the whole chain meets the security demands expected by the end customer, and we're happy to be able to showcase that we can meet these best-of-industry security standards,” says Heikki Nousiainen, Chief Technology Officer at Aiven.
While not always a hard requirement for SaaS and cloud computing vendors, both our SOC 2 attestation and ISO 27001:2013 certification are key pillars for establishing customer trust and helping them meet their own compliance requirements for using us for their production systems.
SOC 2 compliance ensures that Aiven can meet the strictest trust requirements of our customers, thereby simplifying procurement and onboarding processes. But SOC 2 attributes cannot easily be baked in after the fact; they are always best built in from the beginning.
“It’s good to know that, since Information Security has always been a strategic asset for Aiven, we’ve always been building our services with this as one of our primary value propositions,” Heikki says.