News

SOC 2 Type 2 Certification: Elevating our Commitment to Security

Amoeboids is a Platinum partner in the Atlassian marketplace. Since the Atlassian’s strategic shift to Cloud was announced, we were focused on making that shift for our apps as secure as possible. Today, we are thrilled to announce a significant milestone: achieving the SOC 2 Type 2 certification. This milestone represents our steadfast commitment in maintaining the highest standards of security, privacy & data protection for our customers and partners.

Imga 1-SOC2

What is SOC 2 Type 2?

SOC 2 stands for System & Organization Controls 2. It is an auditing procedure developed by American Institute of Certified Public Accountants (AICPA) to ensure the data managed by service providers is securely handled. Focus of this auditing process is on protecting the interests of the organization & privacy of its customers. Under SOC 2 there are Type 1 & Type 2 certifications. Type 2 goes beyond the policies and procedures assessed in Type 1 by evaluating the operational effectiveness of these measures over a defined period.

SOC 2 is a widely recognized security standard. Security departments in many organizations rely on the SOC 2 reports to assess the security posture of a service provider.

Impact on Amoeboids

While Amoeboids as an organization was mindful of its security processes right since its inception, achieving SOC 2 Type 2 certification has significantly strengthened our security and privacy protocols, SOPs. Given that the certification involves a rigorous evaluation of our systems and processes, for our customers, this means even greater assurance that their information is handled with the utmost care and integrity.

Preparing for SOC 2 Type 2 Certification

Our journey to this certification started even before the formal procedure. Our apps on the Atlassian marketplace were participating in the Cloud security & then the Cloud fortified programs. That got some of the bases covered on the security front. 

However, we did learn some key lessons that could benefit other organizations considering this path. 

First and foremost, cultivating a culture of security awareness across the organization is a key enabler. This is a cliché, but fundamentally true. 

Second, do not underestimate the power of ongoing trainings around these areas for your team. However, basic the training content may seem – you will find that it develops a keen eye in your team with regards to security & privacy procedures.

Third, do not delay the investment in robust, up to date infrastructure and data management tools. This is essential, as turning around a messy set up later is tediously painful. Do it right from the start & you are halfway there. 

And the last critical aspect is to start the preparation early. SOC 2 certification involves detailed reviews and revisions, which can be time-consuming. However, we must admit that automated ongoing monitoring of some of these controls has led to drastic reduction in the time investment.

What’s next?

Well, getting this certification is just the first step in our plan. Our eyes are set on getting the ISO27001 certification next. And then the next quarter, we will go live with the Trust Center.
Until then, if you are looking at any of our apps for the Atlassian products & would want to know more about our security practices – do reach out to us requesting the SOC 2 report.

Related blogs

Sorry, we couldn't find any posts. Please try a different search.

Stay Updated with latest news at Amoeboids

Your email will be safe and secure in our database

×