We're now SOC 2 compliant | Census

Brad Buda
4 February 2021

We know how important data security is to you and the data you send through our infrastructure which is why we are delighted to announce that Census is compliant with the SOC 2 Type 1 standard for security, availability, and confidentiality.

What does this mean for you?

It means we have designed a set of internal controls, systems, policies, and procedures that meet industry best practices for protecting customer data and ensuring high availability processing, and that an independent 3rd party auditor has verified the design of those controls and systems. If you are interested in learning more about the various criteria and milestones we had to work toward, you should read this comprehensive list.

Can I see a copy of the auditor’s report?

If you are an existing Census customer, contact your Customer Success Manager or ping us in your dedicated Slack channel and we are more than happy to give you our SOC 2 audit report. If you are currently trialing Census, your point of contact can provide you the SOC 2 audit report under NDA.

What’s next for compliance at Census?

To continue to meet the SOC 2 standards, Census will undergo an additional audit (known as SOC 2 Type 2) that verifies that we have maintained the controls and standards we have set for ourselves over a long period of time. We will update this space when that Type 2 audit has been successfully completed.

The hard part of security isn’t designing a secure system - it’s practicing and executing on that design every day. SOC 2 compliance will be assessed at least annually, and our auditors will ensure that the controls and policies we have adopted to meet this standard will be practiced by our entire organization. These controls are another entry in a long list of things that Census has been doing to protect your data since our inception, including:

  • Our secure by design approach to systems architecture
  • Practicing the Software Development Lifecycle (SDLC)
  • Regular third-party penetration testing
  • Automated vulnerability scanning
  • and much more

We hope by working toward these milestones, we will continue to demonstrate the importance we place on your trust and how much we value it.