35 parrot congas. 34 fires. 6 red hearts and 6 tadas. It’s hard to picture a more enthusiastic Slack response to a security compliance certificate, but that’s how we at Atlan felt the day we received our SOC 2 Type 1.
The SOC 2 Type 1 certificate is a leading audit procedure that ensures service providers protect customer interests and securely manage customer data and privacy. Although the process for Atlan being SOC 2 compliant was well over three months, we had, in reality, been working on it for much longer — ever since our inception.
Commitment to trust and security since Day Zero
Atlan was born as an internal tool to solve our own problems when we were a data team, working on social good projects with organizations like the United Nations, World Bank, and several large governments. We had to deal with a huge variety and scale of data, processing data for over 500 million Indian citizens at one point.
Right from the start, we prided ourselves on building an open and transparent culture, but we knew that came with great responsibility. We knew the immense trust our partners placed in us by trusting us with their data. It was incredibly important for us to ensure we built protocols to protect that trust.
So, unlike most startups that begin with features and then add “security”, security was baked into the very fabric of Atlan. One of our three product principles is “trust”. We constantly asked ourselves: How do we build an ecosystem of trust where the humans of data can trust one another and trust their data?
Trust governs our product decisions, especially the hard ones. For example, even in the early days, we wanted to ensure we brought the ease of SAAS to the security benefits of a fully virtual private cloud deployment. This meant significant investments in DevOps to make VPC deployments as seamless as getting started on a cloud-managed service. Today, customers can deploy Atlan on their AWS VPCs in under 30 minutes. We have been able to make VPC deployments several times more affordable for customers because of these upfront investments.
Access policies and governance play another important part in this puzzle. We invested early on in making classifications (such as PII, business-critical data, etc.) a first-class citizen in Atlan, allowing customers to automate tagging their data assets and setting granular access policies.
Why are we so excited about SOC 2 now then?
Simply put, the SOC 2 certificate further improves our SAAS offering — and demonstrates our long-held commitment to security as an integral part of Atlan.
Developed by the American Institute of CPAs (AICPA), SOC 2 defines the criteria for managing customer data based on five “trust service principles” — security, availability, processing integrity, confidentiality, and privacy. We’re proud to be amongst the youngest companies certified with this gold standard in security compliance.
Why should you be excited?
Whether you’re a SaaS company or a large-scale enterprise, you have yet another assurance that we treat your data with the highest standards of security, reliability, and privacy. A SOC 2 Type 1 certificate can also help convince your IT teams and other relevant stakeholders that Atlan’s processes and standards have you covered.
Andrew, who leads Go-to-Market at Atlan, just can’t keep calm about this news…
In case you’d like to see Atlan’s SOC 2 Type 1 report, please reach out at [email protected]