Blog
Compliance

Announcing Tonic.ai’s SOC 2 Compliance

Author
Abigail Sims
June 7, 2022
Announcing Tonic.ai’s SOC 2 Compliance
In this article

    Big news! Team Tonic is excited to announce that Tonic.ai has achieved SOC 2 Type I compliance in accordance with AICPA standards for Service Organizations for both our hosted and on-prem solutions. This achievement is just another example of how we demonstrate adherence to the strictest standards of security and compliance throughout our business, inside and out. 

    Got questions about Tonic.ai’s SOC 2 compliance? Drop us a line, or check out the FAQ below. 

    What is SOC 2 compliance?

    The SOC 2 audit is an audit developed by the American Institute of CPAs (AICPA) as part of the Service Organization Control (SOC) program, that measures how an organization handles customer data. Organizations are scored on the five trust service principles—security, availability, processing integrity, confidentiality, and privacy. Passing the audit shows current and potential customers that you take data privacy and security seriously (we do) and that you’re a trusted partner when it comes to handling sensitive information. 

    There are two types of audits under the SOC 2 umbrella: Type I and II. Type I grades the systems in place, and Type II grades the effectiveness of those systems. (Whoooaa, we’re halfway there! 🎵)

    What does this mean for you?

    Independent external verification of our security practices means you can feel confident that we take security and data confidentiality really seriously. We’ve always had robust systems in place that ensured the safety and security of our customer data—this audit process is just a way of checking the boxes on paper, too. By letting a third party audit our processes and systems, we can provide you, our users, with the highest level of assurance possible that your data remains secure. 

    Can I see a copy of the report?

    If you’d like more information about the audit, we’d love to hear from you. Please reach out to hello@tonic.ai, and someone from our security team will be in touch. 

    What's next for compliance at Tonic.ai?

    In keeping with our commitment to security, Tonic has already started a Type II audit and expects to have a report available by October. The Type II audit, as mentioned above, will cover the operational efficiency of our robust systems. Watch this space for more!

    To learn more about how seriously we take security measures at Tonic.ai, please feel free to reach out to our team. And stay tuned for our upcoming security page, where we’ll discuss our commitment to security and compliance, and how we uphold those values. Stay tuned for more security updates coming soon!

    Abigail Sims
    Marketing
    As a reformed writer now deep in the marketing machine, Abigail can (and will) create narrative-driven content for any technical vertical. With five years of experience telling brand stories for tech startups and small businesses, she thrives at the intersection of complex data and creative communication.
    Real. Fake. Data.
    Say goodbye to inefficient in-house workarounds and clunky legacy tools. The data you need is useful, realistic, safe—and accessible by way of API.
    Book a demo
    The Latest
    Tonic Validate extends its RAG evaluation platform to support metrics from Ragas
    RAG Evaluation Series: Validating the RAG performance of OpenAI vs CustomGPT.ai
    Building vs buying test data infrastructure for ephemeral data environments