We’re excited to announce that Userback is now officially a certified SOC 2 Type 2 company.
SOC 2 Type 2 is one of the highest information security standards available for SaaS companies. As a Userback customer, this news demonstrates how seriously we take the security and safety of your data.
What is SOC 2 and why is it important?
SOC 2, or Service Organization Controls 2, is a framework that is governed by the American Institute of Certified Public Accountants (AICPA). It involves an independent auditor checking a company’s policies and procedures to ensure they’re effectively protecting data. A SOC 2 report shows a company’s dedication to data security and customer information protection.
Boosting security
SOC 2 compliance demonstrates a company’s commitment to earning customer trust and improving overall security. In today’s world of cyber threats and data breaches, safeguarding information is crucial. A SOC 2 audit validates our controls and processes, ensuring they’re up to standard and endorsed by a third party.
Why we pursued SOC 2 now
SOC 2 compliance is an integral step in proving to customers, stakeholders, and interested parties that our organization values their trust and has effectively implemented security controls. At our company’s stage, we realized that it was an ideal time to pursue this as it is important to protect data and mitigate potential security risks early and on an ongoing basis.
Userback’s journey to SOC 2 compliance
Big shout out to our Compliance Partners!
1. Vanta
We partnered with Vanta, a leader in the Trust Management space, to help us automate the collection of our audit evidence. Vanta provides us with the strongest security foundation to protect our customer data.
2. Advantage Partners
Our audit firm, Advantage Partners, was extremely helpful in creating a seamless audit experience. With their guidance and support, we were able to achieve SOC 2 compliance in a swift, efficient manner.
Process
Although SOC 2 can be a big undertaking, our compliance partners significantly helped us to streamline the process. We used Vanta to integrate our key systems and guide us in implementing policies and procedures to quickly become audit ready.
Advantage Partners then confirmed our audit readiness and we kicked off our Type 2 audit. For the audit, Advantage evaluated the controls we have in place and opined on their state. Shortly after our audit window ended, Advantage Partners drafted and issued our report.
Lessons we learned
One key takeaway is that enhancing our security and meeting compliance standards is a big job. However, it does become easier with the right partners. The preparation phase might take the longest, but by prioritizing compliance, we managed to get ready for the audit in just a few weeks instead of months.
We also realized the importance of coordinating the audit timeline with Advantage Partners, selecting an ideal audit date, and then working backward to ensure readiness. Now that we’ve put controls in place and reaffirmed security as a priority, future SOC 2 audits will be even smoother.
What does Userback’s SOC 2 certification mean for you?
Userback, as a user feedback platform that captures your users’ feedback, ideas, opinions and sentiment via feedback widgets, in-app surveys, and session replays – collects a lot of user data. It is extremely important for us to make you feel confident that your user data is in good hands. This is why we decided to subject ourselves to the SOC 2 audit and certification process.
Current and prospective customers interested in a copy of our SOC 2 Type 2 report may get in touch to obtain more details.
