Samsara products are built from the ground up with security and privacy in mind. Given the large amounts of data our system generates, we hold data security to the highest standards. As a customer-centric company, Samsara is deeply committed to the security of customer data within our entire platform—from our cloud and mobile applications to our hardware devices.
The Security and Organization Control (SOC 2) is an industry-recognized attestation report given to a company after an audit of the company’s internal practices. See SOC 2 Report for a report overview.
If you believe you’ve discovered a security vulnerability, please promptly complete the Security Vulnerability Form available from Samsara Security > Security Disclosure Policy or notify your Samsara account representative. Samsara takes all such reports seriously. We will investigate the reported issue and work quickly to fix valid vulnerabilities.
SOCs are a set of standards outlined by the American Institute of Certified Public Accountants (AICPA) to measure how a service organization handles its users’ data. A SOC 2 report provides detailed information and assurances about a service organization’s controls relevant to the systems the service organization uses to process customer data. A service organization may obtain a SOC 2 report after a third-party review of the security and availability of those systems. Companies often rely on a service organization’s SOC 2 report as a security compliance requirement.
The report serves as an assurance to customers that Samsara:
-
Secures customer data and personal information
-
Ensures customers have easy access to their data within our platform
-
Prevents unauthorized access to customer data and information
The SOC 2 process has two components: a Type I report and a Type II report:
-
SOC 2 Type I report: describes the systems to process data and the suitability of those internal controls.
-
SOC 2 Type II report: looks at how effectively our internal controls and processes operate over a longer period of time, usually between six months to one year.
The full SOC 2 report describes the various security controls and processes we use to secure customer data and make this data consistently available to our customers. It details the precise software infrastructure and processes we use to achieve data security and availability. A few of the controls covered in our report are:
-
System monitoring and ongoing risk assessments
-
Internal access control to production environments
-
Disaster recovery, data backup, and incident response processes
-
Communication of changes to customers
-
Employee on-boarding and termination processes
See Samsara Security and Samsara Privacy Principles for additional information on the SOC 2 Report and security practices.
Comments
0 comments
Please sign in to leave a comment.