We're hiring Engineers!Apply Now

SOC 2 Type 2 Certified Transaction Categorization and Enrichment24 Mar 2022

The security and privacy of our customers' data has been at the forefront of our minds and decisions since we started. As a bank transaction categorization and enrichment service, we deal with sensitive data. That's why we have always had strong measures and practices in place to ensure this information is kept safe.

In order to further validate our commitment to security, we underwent the process of being certified as SOC 2 Type 2 compliant. This certificate is the most accepted security compliance standard so we wanted to give our customers peace of mind that we follow the latest best practices around security both from a technology but also internal processes standpoints.

What does this mean?

As a SOC 2 compliant company, we take important measures to ensure our customers' data is always safe such as:

  • Encryption of data in transit (from our customers to us).
  • Encryption of data at rest (when it sits in our database).
  • IP-restricted access to our internal services, databases and configuration.
  • Monitoring access to and configuration of our systems, including automated alerts in case of anomalies.
  • Monitoring of employee work computers to ensure we're all using secure processes, such as short computer lock times, use of a password manager, hard disk encryption and antivirus use.
  • Thorough review of our vendors to ensure they're all SOC 2 compliant.
  • Periodic penetration testing of our systems conducted by a third-party.

We encourage you to have a look at our security and disclosure pages for more information on our security practices.

If you are an existing or prospective customer and would like access to our full SOC 2 Type 2 report, please get in touch at security@herondata.io and we'd be happy to provide it.