mmhmm earns SOC 2 compliance
The mmhmm Security Team
May 25, 2023
mmhmm is excited to announce that we’ve received SOC 2, Type 1 certification. This certification validates our ongoing effort and commitment to protecting the security of our customers’ data.
What is SOC 2?
SOC 2 reports center on the security of services provided by a company. Achieving certification requires an audit by an independent auditing firm registered with the American Institute of CPAs (AICPA) to verify that a provider’s service meets the specified control objectives. These objectives are developed by the AICPA to meet assurance needs of organizations vetting their service providers for security and compliance purposes.
Why SOC 2 compliance matters
mmhmm’s customers trust us with personal data, such as their login information and recorded content. To receive certification, we designed and put in place more than 40 key security controls that address potential threats to the safety of our customers’ data. We then provided our auditor with evidence demonstrating those controls so they could independently decide if they were well-designed or not. To keep our certification, we’ll have to repeat the audit process in the future.
This certification also supports customers who use mmhmm and aim to achieve SOC 2 certification for themselves.
mmhmm’s future plans for enhancing security
While this is an important step in our security journey, we will continue to improve the security posture of our company and software, adapting to new threats so we can better serve our customers. At mmhmm, protecting the security and confidentiality of the data customers’ entrust to us is part of our core values.
We have processes in place to identify and respond to new risks and threats, including assessing and improving our security measures on an ongoing basis. We will also explore additional security certifications based on the needs of our customers. These efforts are managed by our dedicated information security team who have more than 20 years of experience in cybersecurity and risk management.
For additional security questions, reach out to our customer support team at firstname.lastname@example.org.