We are pleased to announce that Glassix, a leading AI-powered customer support platform has successfully achieved SOC 2 compliance, underscoring our commitment to securing customer communications through rigorous data protection practices. Here’s everything you need to know about our SOC 2 compliance report and why it matters for your business.

What is SOC 2 compliance?

In short, SOC 2 is a voluntary compliance standard for technology companies with cloud-based products and specifies how an organization should manage customer data. The compliance guidelines set by the AICPA (American Institute of Certified Public Accountants) ensure services are secure, available, and confidential and that information security best practices are in place.

What being SOC 2 compliant means to Glassix

As a leading AI-powered customer support provider, Glassix prioritizes data security and integrity above all else.

At Glassix, our SOC 2 report isn't about just checking another box. We have taken security and compliance very seriously from day one and so, and our report is the official proof that we comply with the globally-recognized information security standard. 

For us, it's about excelling in each area of our business. In this case, security compliance. We've done this by showing we manage and protect customer data using best practices among our relevant business operations, policies, and systems.

So, what exactly gets evaluated?

You may be wondering, what exactly is covered by the auditor in a SOC 2 audit? Our audit covered four key Trust Service Principles: Security, Availability, Confidentiality, and Privacy relevant to Glassix’s specific business operations. Multiple tests were performed to ensure that our internal controls are implemented and operating effectively.

Scytale helped tailor the relevant controls to our infrastructure, software, processes, people, and data, relating to:

• Remote onboarding of employees
• Cloud infrastructure security
• Risk management
• Multi-factor authentication
• User access review
• Threat detection
• Change management procedures
• Assets management
• Data encryption
• Secure development and more
  ‍

As mentioned, we've built our solution around being SOC 2 compliant, but now we're proud to have the "official" stamp that recognizes our concrete data protection practices.

We achieved SOC 2 compliance and received our report in a record-breaking time with clear colors, due to the fact that we had no prior security issues and there were very minor remediations needed. We are very proud of this result, as it is a testament to our high standards of controls and security standards.

Our trusted compliance partner

Scytale’s expertise and technology helped take our compliance to the next level by automating the lengthy processes involved with SOC 2 compliance and giving us a single source of truth to track and monitor all our audit requirements.

Your data is secure with us 

We’ve earned our customers’ trust in handling their sensitive data responsibly. Our SOC 2 report serves as a solid assurance, allowing them to rest assured that their data is secure with us. 

Our SOC 2 compliance is a testament to our commitment to data security, and we proudly show customers and prospects that they’re partnering with a company that cares about their data.

Why your AI-customer support omnichannel platform should be SOC 2 compliant?

- Protect customer privacy: When you operate in sectors like healthcare, finance, or insurance, handling sensitive customer information is a given. SOC 2 compliance ensures that your provider meets high standards for data protection, which is crucial for maintaining client confidentiality and trust.

- Secure your SaaS data: By adhering to SOC 2 standards, you minimize the risk of ransomware and other data breaches, ensuring that your software and customer data remain secure.

- Scalability and availability: Hosting your product across multiple geographic locations not only helps in mitigating downtime but also enhances your SLA uptime during regional disruptions, ensuring your service remains available 24/7.

- Internal regulations and processes: A SOC 2 compliant provider demonstrates adherence to high-standard processes. This includes robust protocols for hiring, onboarding, and employee termination, ongoing security and compliance education for staff, and well-prepared physical and digital security measures to tackle any unforeseen situations.

- Renewability and continuous compliance: The SOC 2 certificate isn’t just a one-time accolade. It requires annual renewal and continuous adherence to stringent compliance standards, ensuring your omnichannel provider remains on the cutting edge of data security protocols.

What’s next?

Incorporating these elements into your decision to choose a SOC 2 compliant provider can substantially enhance your security posture and reliability, setting a solid foundation for customer trust and business growth. Maintaining compliance is critical and that’s why we committed to renew our SOC 2 report annually. In the meantime, we are continuously monitoring our compliance effectiveness and updating all necessary policies and procedures.