Security has been hard coded into the DNA of Aiven from day one. And because of our commitment to the secure transfer and storage of customer data, earning and maintaining compliance for the most stringent standards has been a relatively smooth process for us.
These standards not only provide a verifiable seal of trust for companies looking for vendors that fit specific requirements, they also provide an opportunity for us to audit our policies and processes to ensure that we are consistently doing what we need to be doing.
After pursuing our ISO/IEC 27001:2013 certification, we decided to focus our efforts on SOC2 Type I attestation, earning it in October of last year. Now, we’re happy to announce that we’ve earned SOC2 Type II attestation. Let’s quickly look at what it is.
What is SOC2 Type II and why is it important?
Simply put, SOC2 Type I attests that you have the security controls in place to meet the demands expected by customers — it's an entry-point to SOC2. Type II attests that you are effectively maintaining the same controls during the specific audit period.
As a rolling process, an organization trying to maintain the attestation needs to be evaluated every 6 months in perpetuity — the first of which we just completed. This makes SOC2 Type II attestation one of the most difficult compliance standards to maintain.
We’ve always prided ourselves on our security and compliance standards and are happy that they continue to be validated by the certifications and attestations we’ve successfully pursued — it's also an opportunity to make sure that we are doing everything we need to.
To stay up-to-date with the goings on at Aiven, make sure to follow our blog or changelog RSS feeds, and follow us on Twitter or LinkedIn. Not yet a customer and looking for secure, performant cloud data infrastructure? Sign up for our free, no obligation trial!
Dec 1, 2021
Cluster for profit
Find out how and, above all, WHY, join us in Cluster, Aiven's program for startups who need their data infrastructure set up right.
Mar 14, 2022
Security updates: Linux® kernel vulnerability
A vulnerability called "Dirty Pipe" (CVE-2022-0847) allows users to increase their access via the page cache. Aiven's CISO writes about our mitigating actions.
Mar 23, 2021
Building Aiven from zero to $800M - a letter from our CEO
Since 2017, Aiven has grown from zero to a global company with 140 employees and a valuation of over $800M. Join me in reliving some of that story.
Subscribe to the Aiven newsletter
All things open source, plus our product updates and news in a monthly newsletter.