SOC2 compliance is a global standard in information security, and we’re here to explain its significance to us.
What is SOC 2 Compliance?
SOC 2 is a voluntary compliance standard designed for tech companies offering cloud-based products. It delineates how an organization should handle customer data. The compliance guidelines are set by the AICPA (American Institute of Certified Public Accountants), ensuring all relevant services are secure, available, and confidential and that information security best practices are in place.
What Being SOC 2 Compliant Means to Humand and Our Customers
As a market leader with hundreds of customers in 20+ countries using our product, security and compliance have been non-negotiable from day one.
At Humand, our SOC 2 report isn’t about just checking a box – it’s about demonstrating with official proof that we comply with the globally recognized information security framework and protect our customers’ data by implementing the best practices across our business operations, policies, and procedures.
Our customers trust us with their sensitive data, so SOC 2 compliance is the best way to assure our robust security and provide our customers with the utmost confidence when using our software.
Demonstrating a SOC 2 report to our customers and prospects proves our commitment to concrete security standards and shows they’re partnering with a company that takes information security seriously.
What Was Evaluated in Our SOC 2 Audit?
Our audit covered three key Trust Service Criteria: Security, Availability, and Privacy; where the design and operating effectiveness of our relevant internal controls were assessed and verified.
The controls implemented are built around our specific infrastructure, software, processes, people, and data, and relate to:
- Remote onboarding of employees
- Security of cloud infrastructure
- Risk management protocols
- Access control restrictions, including strict password enforcement
- Multi-factor authentication
- User access review
- Threat detection
- Change management procedures
- Effective asset management
- Data encryption
- Secure development and more
Our SOC 2 Partner
Through our comprehensive report, we not only fulfill SOC 2 standards but elevate our overall security posture. We are committed to consistently maintaining top-tier safeguards and procedures. Scytale streamlined our entire SOC 2 audit-readiness process with their automation platform and dedicated expert team, providing a single compliance hub to manage our entire compliance journey.
Safeguarding Our Customers
Hundreds of customers worldwide trust Humand for streamlining HR processes, and they entrust us with their sensitive data. SOC 2 is the optimal approach to ensuring our security and providing customers with confidence regarding global HR management and automation. Customers are always the priority in every decision we make. Providing a SOC 2 report to customers and prospects demonstrates our dedication to robust security standards.
Maintaining our Compliance
SOC 2 compliance is not a one-off check box, and maintaining compliance is critical. We are committed to renewing our SOC 2 report every year and continuously monitoring and updating our controls, policies and procedures on an ongoing basis.
