Here at env0, we are very dedicated to bringing you the best platform to manage your Infrastructure as Code environments. We deliver this to you in a SaaS format, which means you’ll be providing us access to sensitive credentials and data to us to use for deployments. We know that is a big responsibility, and we take that very seriously. With that said, we are pleased to have completed the process and obtained our SOC 2 Type II report.
Compliance with any SaaS tool is critical. You need to be sure that your data is safe in the hands of your service provider. SOC 2 Type II Compliance not only defines the parameters by which you should be complying but also audits and verifies the controls. This proves an extra layer of proved compliance over Type I that only reports management’s description of the controls. Obtaining a Type II report actually requires the auditor to test the operational effectiveness of the controls you have put in place. This way, you can trust that your data is well protected because we have actually had our control design tested by an independent 3rd party auditor. Type II also has a longer active period. For example, SOC 2 Type I reports only cover the day they are passed. Our SOC 2 Type II report is valid for 12 months. For more information on SOC 2 certifications, check out this blog.
If you would like more information on env0, or to see a copy of our SOC 2 Type II report, please reach out to set up a conversation/demo here.