SOC 2 compliance

1 minute readSecurity

SOC 2® is a Service Organization Control (SOC) framework administered by the American Institute of CPAs (AICPA) that assesses an organization’s adherence to the five Trust Service Criteria (TSC).

According to the AICPA, a SOC 2 report is ideal for SaaS and cloud service organizations that want to assure customers that their information is secure and available whenever needed. A SOC 2 report also helps organizations to establish the effectiveness of any controls that may be required by their governance process.

There are two levels of SOC 2 reports: type I, which describes whether the organization’s design meets five trust service principles, and type II, which also includes an assessment of the controls put in place by the organization.

CloudBees Feature Management is SOC 2 type II compliant. For more information, please refer to Security - CloudBees Feature Management.

Customer privacy is assured

CloudBees Feature Management does not have access to or save customer data, including any personally identifiable information (PII). CloudBees Feature Management architecture is built around privacy.

Targeting specific customers occurs on the client side (mobile app, web app or a backend system) with locally available attributes and is never transmitted back to CloudBees Feature Management.

If you have any security requests regarding your specific CloudBees Feature Management configuration, submit a product request to CloudBees Support.