We are delighted to announce that Hopstack has achieved the SOC-2 Type II certification, one of the highest data security and handling standards.
Achieving this standard with an unqualified opinion from the Association of International Certified Professional Accountants (AICPA) proves that Hopstack provides enterprise-level security for customers’ data secured in Hopstack’s systems.
What SOC-2 Type II validates for Hopstack
All Hopstack personnel, employees, and contractors are part of regular security training sessions, which helps create a culture of security in the organization. Along with that, confidentiality or other types of Non-Disclosure Agreements (NDAs) are signed by all
employees, contractors, and others who have a need to access sensitive or internal information.
All development projects at Hopstack, including cloud software products, support services, and internal tools comply with secure development lifecycle principles. All development of new products, tools, and services, and major changes to existing ones, undergo a design review to ensure security requirements are incorporated into the proposed development.
Hopstack deploys third-party penetration testing and vulnerability scanning of all production and Internet-facing systems on a regular basis. Hopstack performs penetration testing both by internal security engineers and external penetration testing companies on new systems and products or major changes to existing systems, services, and products to ensure a comprehensive and real-world view of products and the environment from multiple perspectives.
Hopstack provides maximum security with complete customer isolation in a modern, multi-tenant cloud architecture. The platform leverages the native physical and network security features of the cloud service and relies on the providers to maintain the infrastructure, services, and physical access policies and procedures.
Audit and Compliance
Hopstack successfully completed the AICPA Service Organization Control (SOC) 2
Type II audit. The audit validates that Hopstack’s information security practices, policies, procedures, and operations meet the SOC 2 standards for security. Hopstack Incorporated was audited by Prescient Assurance, a leader in security and compliance certifications for B2B, SaaS companies worldwide. Prescient Assurance is a registered public accounting in the US and Canada and provides risk management and assurance services which include but not limited to SOC 2, PCI, ISO, NIST, GDPR, CCPA, HIPAA, CSA STAR, etc.
An unqualified opinion on a SOC 2 Type II audit report demonstrates to Hopstack’s current and future customers that Hopstack manages their data with the highest standard of security and compliance.
Please reach out to us at firstname.lastname@example.org for Hopstack’s SOC-2 Type II certificate or if you have any further questions about our data practices.