We’re thrilled to announce the profitable completion of our System and Group Controls (SOC) 2 Sort 2 audit, performed by A-LIGN, with no main findings recognized. You possibly can entry the report upon request at our Help Portal.
This milestone comes as a follow-up to our beforehand introduced SOC 2 Sort 1 audit again in April 2023. To offer a short distinction, the Sort 1 audit reveals that our safety processes and operations are well-established, whereas the Sort 2 audit confirms that we constantly adhere to those practices on a day-to-day foundation. Whereas the idea is simple in rationalization, steady adherence to safety practices could be fairly sophisticated and require a company-wide dedication to cyber safety.
How does this profit our clients?
The completion of this audit doesn’t result in any rapid adjustments to our each day enterprise operations or the functioning of the Manychat platform. What it does accomplish is the verification that our processes, safety and infrastructure methods, each of their documentation and execution, successfully assist the safety of buyer’s information.
Virtually talking, our workers adhere to multi-factor authentication (MFA), have need-to-know and least-privilege entry to particular methods, and bear periodic entry evaluations to make sure that solely approved people have applicable entry for authentic causes. We keep thought vulnerability and patch administration processes. We implement code evaluations and pull requests earlier than merging any code, together with automated deployment procedures. These practices not solely guarantee consistency but additionally decrease exterior interference and forestall many widespread errors. Moreover, our logging and notification methods are in place to promptly detect and alert us on any suspicious actions that require our consideration. For a complete overview of all our safety and compliance controls, please consult with our SOC 2 Sort 2 report.
Essentially, the rules behind SOC 2 Sort 2 controls function sound pointers for designing and working methods usually. This audit affirms that our operational practices align with these basic rules.
What’s on the horizon?
Acquiring the SOC 2 Sort 2 report alongside our ISO/IEC 27001 certification is a big achievement. Presently, we’ve a sturdy basis for pursuing different compliance certifications and audits, and our roadmap shall be influenced by the particular wants of our clients. For those who require compliance with ISO/IEC 27701, GDPR-CARPA, NIST CSF, or every other particular certifications, please don’t hesitate to succeed in out to us upon request by way of the Help Portal.
The contents of this weblog have been independently ready and are for informational functions solely. The opinions expressed are these of the creator and don’t essentially mirror the views of ManyChat or every other get together. Particular person outcomes could range.
