Back to blog
Company News
Eppo Obtains SOC 2 Type II Report

TL:DR Your information is safe with us! šŸ”

Kelly Murdock
August 1, 2022

Data Security @ Eppo

Eppo provides product & data teams with the tools that help turbocharge their experiments. We know that internal teams handle sensitive data on a daily basis so we understand how important it is to establish the proper controls to protect your information. Thus, we have built a culture thatā€™s deeply rooted in security and trust.

In addition to securing our network physically and virtually, Eppo ensures the privacy and security of our customers' data ā€” before data is stored in our systems, all sensitive information is anonymized and aggregated. Furthermore, weā€™ve taken steps to ensure your data is protected from potential threats and security breaches.

What is a SOC2 Report and Why does it matter?

A SOC 2 report signifies that an organization adheres to industry best practices related to the following criteria: security, availability, processing integrity, confidentiality, and privacy of data.

External audits are an excellent way for organizations to regularly check for flaws in their respective systems. At Eppo, we wanted to ensure that our security measures pass the standards set forth by the American Institute of CPAs (AICPA).

Our SOC2 Journey

We began our SOC 2 certification process in November 2021 and we were able to secure our SOC 2 Type 1 report by January 2022! The report was a big win for the team as it represents Eppoā€™s commitment to protecting sensitive customer data and it allowed our team to start taking on customers.

This month, we are proud to announce that Eppo has also obtained a SOC 2 Type II report! We were able to bag the ā€gold standard for security reportingā€.

The full report describes our suite of controls for securing and handling customer data, including but not limited to:

  • Employee recruitment, onboarding, offboarding & termination processes
  • Privileged access to the production network, application, operating system, and databases
  • System monitoring, vulnerability management, disaster recovery protocols
  • Incident response, documentation, & communication

Eppoā€™s SOC 2 Type I & II examination was performed by Dansa Dā€™arata Soucia LLP and facilitated by Vanta.

ā€

Latest articles

Humans of Experimentation
Experimentation is Not a Strategy
Hila Qu
March 16, 2023
Experimentation Culture
3 Ways To Sell Your Org on Experimentation
Chad Sanderson
March 8, 2023
Experimentation Culture
Doing Data Science in Sports, Where Experimentation Happens on the Field
John Sears
February 21, 2023
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Copyright Ā© Eppo, Inc.
Product
For Product TeamsFor Data TeamsFor MLĀ Teams
Company
AboutCareersCustomers
Resources
BlogDocsUpdates
SOC 2 Certificate
PrivacyTerms & ConditionsSecurity