WorkStep Team & News

WorkStep attains SOC 2 Type II compliance

February 9, 2022

RESOURCES WorkStep attains SOC 2 Type II compliance

WorkStep is happy to announce we have successfully met the standards for SOC 2 Type II compliance regarding security, availability, and confidentiality. Fulfilling these high standards is not only a huge milestone for WorkStep as a company, but also allows us to reassure our partners and customers that we value keeping their confidential information safe.

WorkStep products do require companies to share information about their employees, such as name, personal phone number, and personal email address. The SOC 2 Type II report on WorkStep ensures our practices keep this information protected.

What does this mean?

When a company has obtained SOC 2 Type II compliance, it means they have been monitored over a period of time and proven that the systems and processes they use keep all sensitive information secure.

SOC 2 reports on various organizational controls related to five trust service principles:

  1. Security
  2. Availability
  3. Confidentiality
  4. Processing integrity
  5. Privacy

Why is this important?

With any software company that functions in the cloud, it’s increasingly important to their clients that confidentiality and security be a top priority. SOC 2 Type II compliance is often a requirement when businesses are considering a SaaS provider.

The report, based on the audit of WorkStep in 2021, showed a clean opinion with no exceptions noted. This report is available for any WorkStep customers or prospects to view and covers all aspects of our products.

For WorkStep, it’s important that we continue to offer our customers assurance that we are securely managing our data. This not only protects the interests of our company, but also the privacy of our users. We will always strive to make this a priority.

Justin Butler

Justin Butler, Co-Founder & CTO | justin@workstep.com