Security is top of mind for Plain and we’ve made it official with our new SOC 2 Type II attestation, obtained after a rigorous audit to affirm the effectiveness of our security processes and controls.

Among other things, the audit serves to ensure:

• Our software development lifecycle is transparent, trackable, and controlled (issue tracking, unit testing, version control, etc.)

• Our application and underlying infrastructure are secure and monitored (encryption, logging, APM, vulnerability scans, etc.)

• We’ve implemented access controls for internal services and SaaS (de-provisioning accounts, 2FA, malware detection, etc.)

• There’s been a complete quality oversight of Plain as a whole (performance reviews, background checks, etc.)

While we’re excited to share this milestone with you, SOC 2 Type II is just the baseline. Security means a lot more than just an external audit. It’s how we build things, and a central part of our foundation. We're excited to dive into this topic more soon, so stay tuned.

For customers that would like to receive a copy of the report, please email us.