Foxglove Receives SOC 2 Certification
Foxglove is now SOC 2 Type II compliant! After undergoing an audit according to AICPA standards, we’re excited to announce that our security processes, data protection protocols, and privacy controls met the rigorous criteria of this accepted industry standard.
What is SOC 2?
SOC 2 is an independently conducted auditing procedure that ensures service providers like Foxglove manage our customers’ data securely – to protect both your privacy and the interests of your organization.
This voluntary compliance standard evaluates vendors on five trust service principles:
- Protecting systems against unauthorized access
- Examples: Firewalls, two-factor authentication, and intrusion detection
- Making systems and services accessible in accordance with a service level agreement (SLA)
- Examples: performance monitoring, disaster recover, and security incident handling
- Processing integrity
- Delivering accurate data in a timely and authorized manner
- Examples: Quality assurance and processing monitoring
- Limiting data access and disclosure to authorized parties
- Examples: Data encryption, access controls, and firewalls
- Using, retaining, disclosing, and disposing of personal information in accordance with an organization’s privacy notice
- Examples: Access control, two-factor authentication, and data encryption
In addition to these five criteria, there are two types of SOC 2 compliance certification that a company can receive:
- Type 1
- Compliance at a point in time
- Describes whether a vendor’s systems meet relevant trust principles
- Type 2
- Compliance during an observation window (6 months to 1 year)
- Details the operational effectiveness of these compliant systems
SOC 2 reports are unique to each organization. Our team at Foxglove implemented controls to comply with the trust principles, so that we could provide information on how we manage and protect your data.
Why did we get SOC 2 certified?
As a developer tools company specializing in robotics data storage and visualization, Foxglove is in the position of handling many different categories of sensitive customer data. Not only do we help our customers store mission-critical robotics data, we also handle their personal contact data, team information, and application data.
As a result, getting SOC 2 Type II certified was a no-brainer for us. We are committed to protecting the sensitive data you entrust to us, and we want to do this by meeting the industry’s highest standards for these protocols. We feel very strongly about prioritizing security as we build out our team and products, and this audit was a natural progression of that commitment.
In pursuing this certification, we took a close look at our products from every possible angle – like system design, server architecture, access controls, and authentication flows – to ensure that they would secure and protect your data at every step. We made concrete changes like adding audit logs, improving monitoring, and documenting our alert policies, so that we would be prepared to sustain this level of compliance well into the future.
While SOC 2 compliance isn’t a requirement for Foxglove or any other company, we believe strongly in protecting and securing our customers’ data. Our hope is that this certification gives you even more confidence in how we handle and protect your most sensitive data.
To remain SOC 2 compliant, we will be completing annual audits, verifying our practices over the prior 12 months, going forward. No matter how much our team and products change and evolve, you can trust that our software and practices are backed by the peace of mind that this certification affords. We hope you stay tuned!
If you require a full copy of our SOC 2 report, please don’t hesitate to contact our sales team.
The best kind of pricing update.
Record and visualize your MCAP data with ROS 2 tooling.
Get blog posts sent directly to your inbox.