Overview

Customers often inquire about Kandy's compliance with SOC 2, a widely recognized auditing standard developed by the American Institute of CPAs (AICPA). This standard is used to assess a service organization's controls related to security, availability, processing integrity, confidentiality, and privacy.

Solution

Currently, Kandy itself is not SOC 2 compliant. However, it's important to note that the data centers Kandy uses for hosting are indeed SOC 2 compliant. This means that while Kandy as a service is not directly SOC 2 compliant, the infrastructure it relies on for data storage and management meets the SOC 2 standards.

In addition to this, Kandy holds the ISO 27001 certification, a globally recognized standard for information security management systems. You can learn more about this certification here.

Summary

While Kandy itself is not SOC 2 compliant, the data centers it uses for hosting are. Furthermore, Kandy is ISO 27001 certified, demonstrating its commitment to information security.

FAQ

1. Is Kandy SOC 2 compliant?
No, Kandy itself is not SOC 2 compliant. However, the data centers it uses for hosting are SOC 2 compliant.

2. Does Kandy hold any information security certifications?
Yes, Kandy holds the ISO 27001 certification, a globally recognized standard for information security management systems.

3. What does ISO 27001 certification mean?
ISO 27001 certification demonstrates that an organization has defined and put in place best-practice information security processes.