Blog

Announcing Hex's SOC 2 Type II Report

Security is our most important job. This report reflects how seriously we take our obligations for customer data.

Security @ Hex

Hex is a platform for working with data, including some of our customer's most sensitive information. We work to earn their trust by putting security and privacy front-and-center.

This includes industry-leading controls, data minimization, and a secure-by-design architecture. Perhaps most importantly, we have built a security-conscious culture from Day 1: everyone at Hex knows that security is our most important job. You can read more about our processes and approach here.

Announcing our SOC 2 Type II Report

Earlier this year, we started our SOC 2 certification process. A SOC 2 report is for service organizations that hold, store, or process the information of their users. You can read more about it here.

A couple of months ago, we obtained our SOC 2 Type I report. This represents a "snapshot", indicating that we have robust controls in place to ensure the security and availability of our customers' data.

Today, we are announcing that Hex has also obtained a SOC 2 Type II report. This is the most comprehensive SOC protocol, and attests not only to the suitability of our process and systems, but our operational effectiveness of sticking to those controls over a period of time.

The full writeup describes our suite of controls for securing and handling customer data, including:

  • System monitoring and ongoing risk assessments
  • Internal access control to production environments
  • Disaster recovery, data backup, and incident response processes
  • Communication of changes to customers
  • Employee on-boarding and termination processes

We're proud of this report. It is a reflection of our dedication to security, and the product of many months of hard work from our team. We will continue to pursue additional certifications in the future. But our commitment to security is about more than checking a box: every day we make sure that our systems and processes are worthy of the important data our customers trust us with.

The seal means it's official
The seal means it's official

We care about security at Hex, and love working with customers and team members who take it as seriously as we do. Reach out if you fall into either category - we would love to talk.