It’s official: Codacy is now SOC2 Type I certified! 🎉

At Codacy, we’re committed to the security and privacy of your data. Our customers demand and deserve nothing less than the best security assurances that we can give them. That’s why we’re very excited to announce that Codacy is SOC 2 Type I certified!

This article explains what the SOC 2 certification is, why it is important, and what it means for our customers.

What is SOC 2 certification, and why is it important?

System and Organization Controls (SOC 2) is a well-known security compliance standard and certification created by the American Institute of Chartered Public Accountants (AICPA). It is considered the gold standard to ensure customers’ data security and operational maturity.

SOC 2 certification tackles the controls and processes of service organizations related to five trust services criteria: security, confidentiality, availability, process integrity, and privacy. All SOC 2 reports include the security category, while the others are optional.

The reports assure customers, partners, and prospects that an organization has security guidelines and follows them. For example, this might involve background checks on all employees, ensuring that laptops are password-protected, or configuring the organization’s AWS utilities safely.

Third-party certified auditors conduct the SOC 2 audit process and certification.

The two stages of SOC 2

There are two stages of achieving SOC 2 certification: SOC 2 Type I and SOC 2 Type II. 

  • SOC 2 Type I: reports on the current security rules (systems and controls) and reviews documents around these rules. It gives a snapshot of an organization’s practice on a particular date.
  • SOC 2 Type II: very similar to Type I, but the evidence of the rules’ effectiveness is described and evaluated over time, for a minimum of 6 months, to see if the systems and controls in place are functioning all the time.

Codacy is committed to your data security

At Codacy, we believe security is fundamental in our products’ design and implementation. Our customers trust us to store and process their data and expect that Codacy will keep their data private, secure and confidential at all times.

Therefore, we work hard to guarantee security in everything we do. We’ve implemented controls around our production systems, software, infrastructure, people, procedures, and all data supporting Codacy products.

We also want our customers to have independent assurance proving we meet our commitments. The SOC 2 certification represents our dedication to keeping customer information private and secure.

Next steps: being SOC2 Type II certified

Maintaining and improving security practices requires constant work. Our mission to make your experience with Codacy as secure as possible does not stop here. 

With SOC 2 Type I achieved, our next natural step is to pursue SOC 2 Type II certification. See you on the other side!

If you have any questions about our SOC 2 certification, reach out to us at security@codacy.com.
