Stream Achieves SOC 2 Compliance
Stream is seeing unprecedented growth within the cloud-offering ecosystem and now serves over a billion end users. As the leading provider of API-driven Activity Feeds and Chat, our team is excited to announce we have completed our SOC 2 Type I audit with the help of Secureframe.
What is SOC 2?
SOC 2 is one of three types of Service and Organization Control (SOC) frameworks developed by the American Institute of CPAs (AICPA). Independent auditors use the framework to validate a company’s systems and controls with respect to information security. Upon completion of the audit and a thorough review of the evidence provided by the company, the auditor issues a SOC 2 report detailing its findings on the company’s security controls related to areas such as:
- Oversight of the organization
- Vendor management programs
- Internal corporate governance
- Risk management processes
- Regulatory oversight
We at Stream believe it is our core responsibility to be fully transparent with how we operate. Completing our SOC 2 Type I audit is one of many steps we plan to take to provide next-level communication to our customers.
Stream has always been at the forefront of protecting our customers' data. While SOC 2 Type I compliance is new to Stream, our team has long employed proven security processes and operations to reinforce our API-driven environment's security. These include:
- Data Encryption (in transit and at rest)
- Third-Party Penetration Testing
- Least-Privilege Access Controls
- Audit Logging
- Endpoint Monitoring
- E.U.-only and U.S.-only Data Persistence Options
- U.S.-E.U. Privacy Shield Framework Certified
- GDPR, CCPA and HIPAA compliance
As a testament to continual excellence in security and compliance, Stream is working toward achieving SOC 2 Type II compliance and ISO 27001:2013 certification.
The use of our SOC 2 report is restricted. For inquiries, please contact firstname.lastname@example.org.