SOC 2 compliance (Service Organization Control 2) is a voluntary compliance standard developed by the American Institute of CPAs (AICPA) that ensures an organization has established security processes and practices at each level of the company. SOC 2 compliance is evaluated by security, availability, and confidentiality.
The compliance is separated into two types of SOC 2 reports:
- Type 1: A report on the effectiveness of the organization’s security system and processes at the point in time in which the SOC audit was conducted.
- Type 2: A report on the effectiveness of the organization’s security system and processes in which the SOC audit observed these security controls for a period of at least 6 months.
As a voluntary security compliance, companies going the extra mile by aiming to achieve SOC 2 compliance do so to continue building trust with their customers and prospects.
CallRail is officially SOC 2 compliant
As a SaaS organization handling customer data in the form of calls, texts, forms, and chat, it’s vital to provide assurance that you and your customers data is managed and stored securely. That’s why we not only perform our own internal audits to evaluate our current risk management processes, we bring in a 3rd party auditor to deliver a detailed SOC 2 report with any potential oversights and vulnerabilities.
As part of the SOC 2 Type II report, CallRail was evaluated against the following three categories of SOC 2 requirements:
- Security: We've taken strong measures to prevent unauthorized access to our systems and protect the integrity of any information CallRail stores or processes.
- Availability: We've built our products to be up and running as close to 100% of the time as possible.
- Confidentiality: Information designated as confidential is protected with extra security controls to ensure the privacy of our customers and their customers.
Over a period of greater than 6 months, our 3rd party auditors reported no findings or issues from their SOC 2 type II report.
Keeping you and your business’ data safe and secure is up to every employee at every level of the organization. To ensure privacy and security, CallRail engaged an independent CPA to examine and report on its control that the AICPA has established, System and Organization Control (SOC) Type II. The independent CPA examined and reported on controls at CallRail relevant to Security, Availability, and Confidentiality. A copy of CallRail’s SOC 2 Type II report can be requested by contacting the legal team at legal@callrail.com.