TerraTrue bolsters its information security and privacy with SOC 2 certification

Independent assessment validates our commitment to safeguard customer data

We’re proud to announce that we’ve achieved SOC 2 Type 2 compliance per the American Institute of Certified Public Accountants (AICPA) standards for SOC for Service Organizations also known as SSAE 18.

Achieving this standard with an unqualified opinion serves as third-party industry validation that TerraTrue provides enterprise-level security for customer data secured in the TerraTrue Platform. TerraTrue was audited by Prescient Assurance, a security and compliance attestation leader for SaaS companies worldwide.

“Data security is a fundamental element of TerraTrue’s commitment to protecting sensitive user information and privacy. We are proud to say that we have successfully demonstrated a mature and reliable commitment to protecting our customers’ data. A SOC 2 Type 2 audit report attests to TerraTrue’s current and future customers that we manage their data with the highest standard of security and compliance. We focus on the privacy and security of our customers’ data so that they can focus on their customers.”

JAD BOUTROS, CO-FOUNDER AND CEO OF TERRATRUE

What is a SOC 2 Type 2 Report?

A SOC 2 Type 2 Report is a Service Organization Control (SOC) audit on how a cloud-based service provider handles sensitive information. It covers the suitability of a company’s controls and its operating effectiveness. These audits provide an objective quantitative assessment that the company conforms to AICPA’s SOC framework and manages its customer data in a controlled and audited environment.

A sample of some controls covered in a SOC 2 Type 2 include:

• Communication of changes to customers
• Internal access control to production environments
• System monitoring and ongoing risk assessments
• Disaster recovery and data backup
• System and security monitoring and incident response processes
• Employee onboarding and termination processes

We strongly feel that SOC 2 Type 2 reports are essential for trust-based relationships built upon a foundation of security and accountability. A SOC 2 Type 2 assessment is evidence that TerraTrue is implementing the security controls we say we are and that those controls are working correctly to protect data.

Without eyes and ears across the cloud, it is difficult to assess how secure information is in the hands of third-party vendors. A SOC 2 Type 2 report offers peace of mind for our customers and partners including modern brands like Lyft, Robinhood, Roku, and Foursquare. Find out why they are shifting left to get privacy right with TerraTrue by booking a demo.