Information Security Program
Asset & Information Management
SOC2 Compliance - Type I & Type II
When a business is SOC 2 compliant, it signifies the implementation of proper security systems to ensure security, availability, processing integrity, confidentiality, and privacy of customer data.
SOC 2 compliance is essential for technology-based service organizations that store customer data in the cloud. This makes it applicable to most SaaS businesses, and any business that relies on the cloud to store its customers’ information.
There are two types of SOC 2 audits:
Type I: The report describes a vendor’s systems and whether their design is suitable to meet relevant trust principles.
Type II: The report details the operational effectiveness of a vendor’s systems, and includes a historical element that shows how controls were managed by a business over a minimum of six months.
Instapage became SOC 2 Type I compliant in November 2019, and as of May 2020 we are now Type II compliant as well.
U.S./EU and U.S./CH Privacy Shield
You can check on our active participation through Privacy Shield Framework’s website here: https://www.privacyshield.gov/participant?id=a2zt0000000PKpfAAG&status=Active
These Privacy Shield certifications are critical to protecting data that is shared between the U.S., European Union, and Swiss networks. With these frameworks in place, Instapage shows that it is committed to protecting personal data. These protections were developed by the U.S. Department of Commerce in consultation with the European Commission and Swiss Government, as well as with industry stakeholders, to provide companies a way to legally comply with data protection requirements that are developed by participating governments.