We are delighted to announce that we have achieved SOC2 Type 2 compliance across three areas: Confidentiality, Security, and Availability.
From the start, we built Roadie with security, availability, and privacy as fundamental values, and we recognize them as essential to our success. Our team is made up of people who have worked in large enterprise companies and scale-ups such as Workday, Spotify, and Intercom, so we are no strangers to enabling and ensuring good security practices. We understand that if you build these processes early, they will grow with your company and help you scale securely and reliably.
We have a set of mature and robust security and availability practices at Roadie and wanted to validate them against industry standards. We see this achievement of SOC2 Type 2 compliance as a milestone in our ever-improving security journey.
What this means
A SOC2 Type 2 report is one of the most well-known IT security and compliance auditing accreditations. It is highly comprehensive: it doesn’t look at any one business area in isolation.
An accredited external audit firm scrutinized Roadie’s engineering practices—such as our database security controls, monitoring and alarming, and testing methods—as well as the ecosystem within which these practices live. Meaning, that we train our staff, we care about who we hire, we restrict access to data, and we review all vendors that we choose to use.
Why is this important?
Simply put, we want this report to give our customers even more peace of mind when choosing to trust Roadie with their data. The SOC2 Type 2 report shows that we have opened our doors to a third-party and allowed them to test and scrutinize our security and availability practices.
As the old but fitting adage goes, “trust but verify.” Our goal is to provide you with confidence that we have robust, mature, and industry-standard practices that are monitored and updated frequently.
A milestone, not the end goal
The comprehensive nature of this audit affirmed our confidence that we are set up with excellent foundational security and availability practices which we can continue to build on as we scale.
We will continue to keep our compliance with SOC2 up to date, and we will undergo an annual audit to test our SOC2 compliance. We also aim to expand our compliance to additional standards as we grow.
If you would like to see a copy of our SOC2 Type 2 report, reach out to [email protected]