Free NetBox Cloud has arrived. Learn more →

NetBox Labs Achieves Full SOC 2 Type II Compliance

We’re thrilled to announce that NetBox Labs has successfully completed the SOC 2 Type II audit. Security is always in focus for us, and this marks a big milestone in our commitment to maintaining high standards of security and data protection. Today’s achievement builds on  the SOC 2 Type I compliance we achieved last year, further solidifying our dedication to upholding the trust you place in us at NetBox Labs.

What is SOC 2 Compliance?

SOC 2 (Service Organization Control 2) compliance is a framework for managing data protection and ensuring the security, availability, processing integrity, confidentiality, and privacy of customer data.  SOC2 was developed by the American Institute of Certified Public Accountants (AICPA), and it’s specifically designed for service providers storing customer data in the cloud – like NetBox Labs. You trust us with your data, and our SOC 2 compliance demonstrates your trust is well placed.

Part of the SOC 2 compliance process is for an auditor to assess the extent to which we adhere to the five trust service principles:

  • Security: The system is protected against unauthorized access (both physical and logical).
  • Availability: The system is available for operation and use as committed or agreed.
  • Processing Integrity: System processing is complete, valid, accurate, timely, and authorized.
  • Confidentiality: Information designated as confidential is protected as committed or agreed.
  • Privacy: Personal information is collected, used, retained, disclosed, and disposed of in conformity with the commitments in the entity’s privacy notice.

SOC 2 Type II validates that we’ve actually implemented our stated security controls

The journey to becoming fully SOC 2 Type II compliant is long – but a rewarding process that we’re glad to have taken on. After we achieved SOC 2 Type I compliance in 2023, which assessed our systems and the design of our controls, we kicked off a more rigorous Type II audit. The Type II audit evaluates the operational effectiveness of our controls over a longer period. The goal is to prove our ongoing commitment to security, availability, processing integrity, confidentiality, and privacy. And as you can see – we nailed it.

What Does SOC 2 Type II Compliance Mean for You?

SOC 2 Type II compliance isn’t just a badge of honor for NetBox Labs- it’s a promise to our customers, partners, and community. This certification means:

  • Enhanced Trust: You can have even greater confidence in our services and the way we manage your data.
  • Rigorous Security Measures: Our systems and processes have been rigorously evaluated and tested to ensure they meet high standards of security.
  • Commitment to Privacy: We are fully committed to protecting the confidentiality and privacy of the information entrusted to us.
  • Operational Excellence: Our operational practices have been thoroughly assessed and have met the stringent criteria set forth by the SOC 2 Type II standards.

Always Evolving Our Security Strategy

Becoming SOC 2 compliant isn’t a one-time event. It’s an ongoing process to maintain our compliance, and we’ll do regular audits that’ll verify we maintain these standards over time. SOC 2 is part of our ongoing commitment to excellence and continuous improvement in our security and operational practices. And of course, SOC 2 isn’t enough all on its own.  We’ll continue to monitor, review, and enhance our controls and processes to meet the evolving challenges and expectations in data security and privacy as our platform, customers, use cases, ecosystem, and security practices evolve.

Want a Deeper Look?

Curious for a taste of what went into the SOC 2 audit? Here are a few examples of the security policies that we have in place. These and many more were reviewed and validated by the auditors: 

  • NetBox Labs makes sure customer production data is segmented and only accessible to authorized customers
  • NetBox Labs does frequent automated backups of all customer and system data
  • NetBox Labs completes regular penetration tests
  • At NetBox Labs, every employee uses SSO and MFA to access production environments
  • In our dev teams at NetBox Labs, code changes are reviewed by someone other than the originating code author
  • NetBox Labs does regular automated vulnerability scans
  • The NetBox Labs team regularly reviews and improves our processes for security incident response
  • Everyone at NetBox Labs completes regular security awareness trainings

Want to go deeper? You can read more about our security policies and our overall approach on our dedicated Security and Compliance page – give it a look!

Thank You for Your Trust and Support

We want to take this opportunity to thank you for your continued trust and support. Our SOC 2 Type II compliance reflects our unwavering dedication to serving our customers and community with the highest levels of security and reliability. We’ll always continue to provide you with the secure, reliable services you have come to expect from NetBox Labs, now with the added assurance of our SOC 2 Type II compliance.

As always – more is coming! Stay tuned for more updates as we continue to enhance our services and security measures at NetBox Labs. Your security and trust are our top priorities, and we are committed to delivering excellence every step of the way.

The NetBox Labs Team

Share the Post:

Related Posts