snow
Join us at the Snowflake Summit!
Visit us at Booth #1206.
snow
Blog ill3 1
Share this article

Honeydew – SOC 2 Announcement

Picture of Engineering Team
Engineering Team

s official! We are SOC 2 Type II compliant and we want to talk about it.

We are delighted to announce that we are officially SOC 2 compliant and proud to have the “official” stamp that recognizes our secure data protection practices.

What is SOC 2 compliance?

SOC 2 is a voluntary, security compliance standard for tech companies with cloud-based products. In a nutshell, it’s all about how you handle customer data and keep it safe. SOC 2’s compliance guidelines are set by the AICPA (American Institute of Certified Public Accountants) and ensure services are secure, available, and confidential.

Why SOC 2 compliance matters

Cyber attacks, data breaches and ransom attacks are an ever-present threat, now more than ever. Organizations need to protect their data and adhere to federal regulations and industry standards. Here at Honeydew, having robust protection of customer data is our top priority.

Being in accordance with SOC 2 standards allows us to demonstrate our report to our customers, partners and stakeholders, serving as evidence of our compliance with the universally-acknowledged information security benchmark.

Moreover, it pertains to guaranteeing that our organization implements information security policies, controls and practices at the highest level, thereby earning the trust of our customers and partners!

So what exactly was audited

You might be curious about what exactly gets evaluated to achieve SOC 2 compliance. Our audit covered three essential Trust Services Criteria, namely Security, Availability, and Confidentiality. Numerous internal verifications were conducted to ensure the proper implementation and effectiveness of all aspects.

Scytale assisted in customizing controls to fit Honeydew’s infrastructure, software, processes, personnel and data. This involved implementing controls pertaining to:

  • Remote onboarding/offboarding of employees
  • Cloud infrastructure security
  • Information security risk management
  • User access review
  • Multi-factor authentication
  • User access review
  • Threat detection
  • Change management procedures
  • Asset management
  • Data encryption
  • Secure development and more
What comes next?

Once an organization is SOC 2 compliant, it does not end there. This is not a once-off project and here at Honeydew, we will continue to maintain our compliance, monitor our security systems and update all necessary policies and procedures.

Honeydew will remain committed to continuous review of information security, supplying top-notch data security and compliance to our customers

6 minute read
Talking to data has become feasible thanks to LLMs, But How? And Why?
Picture of David Krakov
David Krakov

Co-founder and CEO

10 minute read
Where to build that metric? Should it be in dbt or a semantic layer? Join me talking with Adam Morton
Picture of Nir Yalin
Nir Yalin

Head of Data Solutions

6 minute read
Where to build that metric? Should it be in dbt or a semantic layer? Join me talking with Adam Morton
Picture of David Krakov
David Krakov

Co-Founder & CEO