← Back to Blog

November 1, 2025 | 4 min read

We're proud to announce that SafeKey Lab has achieved SOC 2 Type II certification, validating our commitment to the highest standards of security, availability, and confidentiality.

What is SOC 2 Type II?

SOC 2 (Service Organization Control 2) is a rigorous auditing standard developed by the American Institute of CPAs (AICPA). It evaluates how organizations handle customer data based on five Trust Services Criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy.

A Type II certification goes beyond Type I by examining controls over an extended period (typically 6-12 months), providing evidence that security practices are consistently followed, not just documented.

Why This Matters for Our Customers

For enterprises evaluating privacy and security vendors, SOC 2 Type II certification provides independent verification that:

• Data is protected - Comprehensive security controls safeguard customer data
• Systems are reliable - Infrastructure maintains high availability
• Access is controlled - Only authorized personnel can access sensitive systems
• Changes are managed - Rigorous change management processes are in place
• Incidents are handled - Established procedures for security incident response

Our Security-First Approach

SOC 2 Type II certification is just one part of our comprehensive security program. We also maintain:

• End-to-end encryption for all data in transit and at rest
• Regular penetration testing by independent security firms
• 24/7 security monitoring and incident response
• Employee security training and background checks
• Vendor security assessments for all third parties

Request Our SOC 2 Report

Enterprise customers and prospects can request a copy of our SOC 2 Type II report under NDA. Contact our security team or your account representative to learn more.