We take security very seriously at Packagecloud. There are strict protocols in place to protect and manage customer data and we rigorously follow the highest industry benchmarks, but we wanted to do more.
We are proud to announce that Packagecloud has successfully completed a SOC 2 Type 1 audit and received our attestation.
Our compliance journey was accelerated by Drata, a powerful compliance platform with stellar customers like Postman, Airbase, and Notion. Packagecloud is happy to join the company they keep! We were supported by Dansa D'Arata Soucia LLP, a leading public accounting firm based in New York.
What is SOC 2?
The SOC 2 is an auditing standard set by the American Institute of Certified Public Accountants (AICPA).
SOC 2 provides a framework for evaluating the design and effectiveness of a company's security and privacy controls. A SOC 2 attestation is an audit report that provides assurance about the security and privacy controls of a company's information systems.
Our successful attestation means Packagecloud meets the highest industry standards in areas such as access controls, data confidentiality, data integrity, and availability.
Packagecloud has continuous monitoring and safeguards in place for data in transit or at rest. Not only that, we have real-time visibility across the organization to ensure the end-to-end security and compliance posture of our systems at all times.
Trust service criteria
Our report covers the AICPA's SOC2 security, availability, and confidentiality trust service criteria (TSC) for effectively handling customer data.
A SOC 2 attestation demonstrates to customers that Packagecloud has implemented security and privacy controls following industry benchmarks and best practices to protect customer data.
This is just the beginning
Packagecloud views security as one of the core foundations upon which our products are built, and upon which trust with our customers is earned and maintained.
A SOC 2 attestation is an important milestone for Packagecloud, but is in no way an end to our commitment to our customers and the security of their data.