In Buddy we trust: Announcing SOC 2 certification

Ever since we launched in 2016, security has been our #1 priority. With our servers under constant surveillance by SecurityMetrics and regular security audits performed in accordance to the AWS Security Audit Guidelines already in place, we are now ready to announce that Buddy has been officially accredited as SOC 2 compliant.

What you need to know about SOC 2

SOC 2 is an auditing procedure defined by the American Institute of Certified Public Accountants (AICPA) based on five "trust service principles": security, availability, processing integrity, confidentiality, and privacy. SOC 2 reports are unique to each organization and provide regulators, partners, suppliers, and company clients with detailed information on how the service provider stores and manages risks and data.

As of November 1, 2020, Buddy is officially in position to provide SOC 2 Type I certification report with the description of the service's organization and control systems, from data encryption mechanisms and vendor security policy, to incident response policy and HR management. The SOC 2 Type II report, describing the long-term appliance of these trust service principles, requires an individual certification procedure and should be available in approximately one year.

The trust of our clients and safety of their data is the central pillar on which our service is constructed. We are proud that we can formally acknowledge this by fulfilling the rigorous trust criteria of AICPA and producing the SOC 2 certification to the public.