July 18, 2022

Key takeaways from our journey to SOC 2 compliance

We’re excited to announce that eqtble, the platform for tracking and accomplishing your DEI goals, has received its SOC 2 compliance certification!

At eqtble, security is our top priority. To gain actionable insights and accomplish their DEI goals, customers trust us with their most sensitive data. We take this responsibility very seriously and therefore have dedicated an extensive amount of time to secure our platform so customers can be assured their data is safe.

“Our single and most important core fundamental is security. With SOC 2, we are signaling to our customers that they can trust us to handle their most sensitive data. Our goal is to enable customers to track and accomplish their DEI goals and not worry their data might be compromised.”

Ethan Veres, Chief Technology Officer at eqtble

During our journey to SOC 2 compliance, we learned some key takeaways:

Make security your top priority from your first line of code

We started using Vanta as the first step in our journey to SOC 2 compliance. Connecting to Vanta helped us understand what we needed to accomplish right away. Do this early and as the first step in your process.

Identify who owns the process right away

It was important for us to get SOC 2 quickly and appointing a lead on the project was necessary. Our CTO, Ethan, took responsibility and briefly pivoted his team to help implement the security controls for SOC 2 compliance. 

Hire a 3rd party expert to create the policies

This is the low-hanging fruit that will take you a while. It is hard to establish policies while you are also trying to build a product and run a business. If you are not a security expert, it is difficult to know where to begin. Working from templates, you could miss implementing critical security policies. Therefore, we hired a 3rd party expert to create the policies for us. 

Practice patience

Obtaining SOC 2 takes time but is a necessary step in maintaining the security of your platform and keeping customers’ data safe. 

Establish transparency

It is important to us that we are transparent and keep our customers informed on our security compliance journey. We use Safebase to actually show our customers how seriously we take security of our platform. Having a security page has enabled us to streamline our security reviews and give our customers confidence that their data is secure.

Thank you to all of our eqtble team members, customers, and partners including Vanta , Safebase and Sensiba San Filipipo who have helped us along this journey to get SOC 2 certified!