Big news! Team Tonic is excited to announce that Tonic.ai has achieved SOC 2 Type I compliance in accordance with AICPA standards for Service Organizations for both our hosted and on-prem solutions. This achievement is just another example of how we demonstrate adherence to the strictest standards of security and compliance throughout our business, inside and out.
Got questions about Tonic.ai’s SOC 2 compliance? Drop us a line, or check out the FAQ below.
What is SOC 2 compliance?
The SOC 2 audit is an audit developed by the American Institute of CPAs (AICPA) as part of the Service Organization Control (SOC) program, that measures how an organization handles customer data. Organizations are scored on the five trust service principles—security, availability, processing integrity, confidentiality, and privacy. Passing the audit shows current and potential customers that you take data privacy and security seriously (we do) and that you’re a trusted partner when it comes to handling sensitive information.
There are two types of audits under the SOC 2 umbrella: Type I and II. Type I grades the systems in place, and Type II grades the effectiveness of those systems. (Whoooaa, we’re halfway there! 🎵)
What does this mean for you?
Independent external verification of our security practices means you can feel confident that we take security and data confidentiality really seriously. We’ve always had robust systems in place that ensured the safety and security of our customer data—this audit process is just a way of checking the boxes on paper, too. By letting a third party audit our processes and systems, we can provide you, our users, with the highest level of assurance possible that your data remains secure.
Can I see a copy of the report?
If you’d like more information about the audit, we’d love to hear from you. Please reach out to firstname.lastname@example.org, and someone from our security team will be in touch.
What's next for compliance at Tonic.ai?
In keeping with our commitment to security, Tonic has already started a Type II audit and expects to have a report available by October. The Type II audit, as mentioned above, will cover the operational efficiency of our robust systems. Watch this space for more!
To learn more about how seriously we take security measures at Tonic.ai, please feel free to reach out to our team. And stay tuned for our upcoming security page, where we’ll discuss our commitment to security and compliance, and how we uphold those values. Stay tuned for more security updates coming soon!