Stream Achieves SOC 2 Compliance

Nick P.
Nick P.
Published September 17, 2020

Stream is seeing unprecedented growth within the cloud-offering ecosystem and now serves over a billion end users. As the leading provider of API-driven Activity Feeds and Chat, our team is excited to announce we have completed our SOC 2 Type I audit with the help of Secureframe.

What is SOC 2?

SOC 2 is one of three types of Service and Organization Control (SOC) frameworks developed by the American Institute of CPAs (AICPA). Independent auditors use the framework to validate a company’s systems and controls with respect to information security. Upon completion of the audit and a thorough review of the evidence provided by the company, the auditor issues a SOC 2 report detailing its findings on the company’s security controls related to areas such as:

  • Oversight of the organization
  • Vendor management programs
  • Internal corporate governance
  • Risk management processes
  • Regulatory oversight

Full Transparency

We at Stream believe it is our core responsibility to be fully transparent with how we operate. Completing our SOC 2 Type I audit is one of many steps we plan to take to provide next-level communication to our customers.

Stream has always been at the forefront of protecting our customers' data. While SOC 2 Type I compliance is new to Stream, our team has long employed proven security processes and operations to reinforce our API-driven environment's security. These include:

  • Data Encryption (in transit and at rest)
  • Third-Party Penetration Testing
  • Least-Privilege Access Controls
  • Audit Logging
  • Endpoint Monitoring
  • E.U.-only and U.S.-only Data Persistence Options
  • U.S.-E.U. Privacy Shield Framework Certified
  • GDPR, CCPA and HIPAA compliance

As a testament to continual excellence in security and compliance, Stream is working toward achieving SOC 2 Type II compliance and ISO 27001:2013 certification.

The use of our SOC 2 report is restricted. For inquiries, please contact