We are pleased to announce that an independent service auditor has certified that Rollbar meets SOC 2 Type II criteria and also SOC3 criteria. This extends our security, data privacy, and compliance certifications. Last year Rollbar was certified to meet SOC Type I to go with our existing ISO 27001 certification. The ISO 27001 standard promotes continuous improvement of security processes and demonstrates our commitment to customer support, customer excellence, and data privacy and security. By moving on to achieve the SOC 2 Type II certification we demonstrate our commitment to these standards.
SOC 3 reports are based on the Auditing Standards Board of the American Institute of Certified Public Accountants' (AICPA) existing Trust Services Criteria (TSC). The purpose of the report is to provide a publicly facing version of the SOC 2 attestation report for customers who need assurances about service organization's controls relevant to security, availability, processing integrity, confidentiality, and privacy, but do not require a full SOC 2 report. SOC 3 reports can be freely distributed because they are general use reports. You can read Rollbar’s SOC 3 report here.
A SOC 3 report contains a written assertion by service organization management regarding control effectiveness to achieve commitments based on the applicable trust services criteria, as well as service auditor's opinion on whether management's assertion is stated fairly.
To achieve these standards we have to prove our processes, elevate the level of our security and compliance controls and demonstrate that our access control, encryption, security testing, penetration testing, security awareness training, customer education and risk management are all operating correctly and can pass a third party audit.
"The security of our customers’ data is critical to us and we are constantly working to improve our processes and systems to keep them secure. Our customers are trying to deliver products faster and faster and our continued efforts in these areas are part of delivering a Continuous Code Improvement solution to our customers to help them deliver better quality code.” said Brian Rue, CEO and Co-founder of Rollbar.
Rollbar will continue to monitor, test, develop, and improve its security and compliance controls to ensure our security and that of our customers.