We are pleased to announce that Scalr is officially SOC 2 Type 1 certified.
A copy of Scalr’s SOC 2 Type 1 certification report is available to current and potential users under NDA upon request.
A SOC 2 Type I certification is performed by an independent third-party auditor. It certifies that a service provider such as Scalr has implemented all the necessary controls to securely manage customer data at a specific point in time.
Scalr has been evaluated according to the 5 trust service principles defined by the AICPA (American Institute of Certified Public Accountants):
The security of our customers' data and the reliability of the Scalr service is at the core of everything we do. Our product, security and engineering teams have designed the Scalr system to securely operate at scale for the most critical and demanding use cases.
Some of the world’s most security-obsessed organizations are trusting Scalr to govern their mission-critical Terraform deployments, from up and coming FinTech to worldwide retail brands and US government agencies.
The SOC 2 Type I certification report enables anyone to assess the level of security and reliability of a service provider faster. Our Type I certification is one of the many components of the security framework we’re operating with, and we’re happy to provide our community a high level of confidence in our own security practices.
We’re continuously monitoring and improving our security posture, and for more information about Scalr’s security practices, please visit www.scalr.com/system-description
Now that we’ve achieved the Type I certification, we’re focused on our next milestone: achieving SOC 2 Type II compliance.
The Type II report will validate the effectiveness of the controls that have been implemented for the Type I audit over a duration of 6 months instead of a specific point in time.
Stay tuned for our next SOC 2 Type II blog post!