We're glad to share that as of April 15, 2021, Common Room is SOC2 compliant.
Trust First.
When candidates ask us "What's something you love about working at Common Room?" an answer we often hear ourselves giving is some version of, "Our team is built on the foundational trust that each of us strives to build with excellence." It's an honest answer, and it's one that extends far beyond how we think internally—it extends to the way we think and build for our customers.
For us at Common Room, earning and maintaining the foundational trust of our customers is the most important thing we can do to realize our mission of helping them to deepen relationships across their communities and of enabling them to feel safe, supported, and connected.
Why SOC2 compliance?
For too long, organizations have been thirsting for a solution in the community management space. Early on, our pilot customers voiced a desire to move their mission-critical workloads and community member data to Common Room. These fast-growing organizations, like Figma, Confluent, Pulumi, Notion, and others, require tools and teams that take a mature approach to data security.
What does SOC2 compliance mean?
TL;DR—We had to submit evidence that our cloud environments, data ingestion and storage systems, credential and permissions protocols, and even the behavior of our employees adhere to SOC2 standards set by the AICPA in terms of data security.
A slightly longer answer is that SOC2 compliance means Common Room has put System and Organization Controls (SOC) in place that ensure customers' needs are met when it comes to the "security, availability, and processing integrity of the systems the service organization (in our case, Common Room) uses to process users’ data and the confidentiality and privacy of the information processed by these systems."
Making enduring investments in customer trust and data privacy
Our SOC2 compliance means our customers can focus on the work that matters most—nurturing, engaging, and growing their communities—rather than spending time or resources worrying about building additional layers of security around Common Room.
Common Room's SOC2 certification is just the first of many investments we're making when it comes to security at the enterprise level. As we grow, we'll continue to build with customer trust and community data privacy and security at the heart of our philosophy. If you have any questions about Common Room's SOC2 compliance or any other security standards, send us a note. We're just an inbox away.
Love details?
We'd be happy to share more about Common Room's SOC2 compliance. Just ask. 
