When we founded Tadabase five years ago, Hitesh and I knew from the very beginning that security would be our north star. Over 1,250 businesses trust Tadabase with their most important information- their data- which is why we’ve prioritized security from day one, implementing the most advanced encryption and app security practices, using the most advanced firewalls available, and working closely with ethical hackers and third party penetration testers to ensure maximum security of our customers’ data at all times.
Today, I am excited to announce that all of our security efforts have culminated in our SOC2 compliance, certifying Tadabase’s security by the most respected accreditation standard on the market and making all of our security practices and procedures transparent to our customers.
Why SOC2?
If Tadabase is so secure, why did we need SOC2 accreditation? That’s a great question, especially considering: 1. Most of our competitors are not SOC2 certified and 2. SOC2 certification is a beast of a process and an expensive one at that.
The answer really comes down to you, our customers. As much as we talk about being secure, we believe that you deserve the peace of mind that comes with knowing that the company with which you entrust your data has been audited and certified by the most reputable accreditation standard on the market.
We believe that you deserve our full transparency with our security practices and procedures, which have now been audited, certified, and made fully available in our SOC2 report that can be accessed by our customers.
How did we achieve SOC2 compliance?
We've gone through an extensive independent auditing procedure to examine all our security practices and security controls to ensure they meet SOC2 standards for the following five trust service principles:
- Security
- Availability
- Processing Integrity
- Confidentiality
- Privacy
Much of what was required to achieve SOC2 compliance we already had in place, but the audit required us to beef up our security in other areas. As a result, we now have a better and more secure system for how we manage our codebase across our team, a strengthened monitoring system across our entire platform for how we maintain our infrastructure and detect internal and external threats, and a stronger structure for monitoring and maintaining our anomaly and audit trails.
What’s in the SOC2 report?
Essentially, the report confirms that Tadabase meets the highest industry standards when it comes to keeping data safe. Produced by a rigorous independent auditor, the report includes detailed explanations of our:
- Risk management programs
- Commitment to integrity and ethical values
- Access control procedures
- Password policies
- Physical protections over physical assets
- Data transmission and intrusion detection systems
Customers can request a copy of our SOC2 report by emailing support@tadabase.io.
What’s next?
While SOC2 certification is certainly an accomplishment for us, we are on a continuous journey of security and trust and are committed to strengthening our security standards ever further going forward.
By partnering with Vanta, we are committed to continuously monitoring and maintaining our SOC2 compliance and making these efforts transparent with our customers.
Receipt of our Type 1 report is just the beginning, and we're already working on Type 2 and undergoing the 3-month audit.
Additionally, with customers from all over the world, we are also working on achieving ISO27001.
Published by