Aiven adds SOC2 Type II to list of standards

While SOC2 Type I is an entry-point, SOC2 Type II ensures that you're continuing to do what is needed. Find out what this means for Aiven customers in this latest post.

06 April 2020
Kyle Buzzell
Kyle Buzzell RSS Feed
Head of Growth Marketing at Aiven

Security has been hard coded into the DNA of Aiven from day one. And because of our commitment to the secure transfer and storage of customer data, earning and maintaining compliance for the most stringent standards has been a relatively smooth process for us.

These standards not only provide a verifiable seal of trust for companies looking for vendors that fit specific requirements, they also provide an opportunity for us to audit our policies and processes to ensure that we are consistently doing what we need to be doing.

After pursuing our ISO/IEC 27001:2013 certification, we decided to focus our efforts on SOC2 Type I attestation, earning it in October of last year. Now, we’re happy to announce that we’ve earned SOC2 Type II attestation. Let’s quickly look at what it is.

What is SOC2 Type II and why is it important?

Simply put, SOC2 Type I attests that you have the security controls in place to meet the demands expected by customers — it's an entry-point to SOC2. Type II attests that you are effectively maintaining the same controls during the specific audit period.

As a rolling process, an organization trying to maintain the attestation needs to be evaluated every 6 months in perpetuity — the first of which we just completed. This makes SOC2 Type II attestation one of the most difficult compliance standards to maintain.

Wrapping up

We’ve always prided ourselves on our security and compliance standards and are happy that they continue to be validated by the certifications and attestations we’ve successfully pursued — it's also an opportunity to make sure that we are doing everything we need to.

To stay up-to-date with the goings on at Aiven, make sure to follow our blog or changelog RSS feeds, and follow us on Twitter or LinkedIn. Not yet a customer and looking for secure, performant cloud data infrastructure? Sign up for our free, no obligation trial!

orange decoration
yellow decoration

Start your free 30 day trial!

Build your platform, and throw in any data you want for 30 days, with no ifs, ands, or buts.

orange decoration
yellow decoration

Start your free 30 day trial!

Build your platform, and throw in any data you want for 30 days, with no ifs, ands, or buts.


Aiven for Apache Kafka®Aiven for Apache Kafka Connect®Aiven for Apache Kafka MirrorMaker 2®Aiven for Apache Flink® BetaAiven for M3Aiven for M3 AggregatorAiven for Apache Cassandra®Aiven for OpenSearchAiven for PostgreSQLAiven for MySQLAiven for RedisAiven for InfluxDBAiven for Grafana

Let‘s connect

Apache Kafka, Apache Kafka Connect, Apache Kafka MirrorMaker 2, Apache Flink and Apache Cassandra are either registered trademarks or trademarks of the Apache Software Foundation in the United States and/or other countries. ClickHouse, M3, M3 Aggregator, OpenSearch, PostgreSQL, MySQL, Redis, InfluxDB, Grafana are trademarks and property of their respective owners. All product and service names used in this website are for identification purposes only and do not imply endorsement.