Following on from our last SOC2 Type 1 announcement in December 2020, we are happy to announce that Hasura Cloud has achieved SOC2 Type 2 certification. This further emphasizes our continued commitment to security for our users and our community to enable mission-critical workloads to be run on Hasura.
If you'd like to read more about our SOC2 Type 1 certification (and HIPAA compliance attestation) you can find that post at this link.
The SOC (Service Organization Controls) 2 Type 2 examination was conducted by an independent, third-party accounting and auditing firm, which evaluated Hasura's processes, procedures, and controls for security, availability and confidentiality (together known as the Trust Services Criteria).
The examination was conducted by an independent third party accordance with the American Institute of Certified Public Accountants (AICPA) attestation standards and assurance standards issued by the International Auditing and Assurance Standards Board (ISAE 3000) and can be trusted by US and international customers.
This certification means that Hasura Cloud has been independently verified to have implemented a secure platform, and has a verified track record of maintaining this implementation.
By undergoing this rigorous scrutiny of our security practices, we demonstrate our commitment to protecting our customers and the trust you place in us. You can read more about our security practices at hasura.io/security/.
An additional benefit for customers building their own SaaS offerings with Hasura Cloud – SOC2 Type 2 is within your grasp, too! Secure platforms need to be built with secure tools, and this latest certification removes that extra hurdle on your own way to delivering exceptional security to your customers.
Whether you are building in FinTech, Health Tech, SaaS, PaaS, or more – Hasura Cloud provides the stability and security you need to deliver secure apps, faster.
Customers with compliance requirements may request Hasura’s SOC 2 Type 2 report as part of their compliance strategy. The report will be shared under an NDA.