We've been audited and certified from the most reputable accreditation standard on the market.
Hey everyone—I have the sexiest and most boring announcement to make. ProfitWell's products are now SOC 2 certified and accredited.
What does that mean?
I started my career working in the US intelligence community and while there are plenty of stories I can't tell you, because I'd have to kill you. Not seriously, but it's one of the only jobs where you have to swear an oath for life. Anyways, in my time there I learned just how important and how difficult protecting data truly is.
Security isn't one of those sexy topics that gets clicks, but it's ultimately one of the foundations of a successful software company. At ProfitWell, our customers trust us with more subscription financial data than any other product out there—and it's not even close. We not only need to take that responsibility seriously, but security needs to be and has always been a priority.
From the beginning we put into place encryption, physical security, cyber insurance, and both common and uncommon practices to ensure we lived up to that priority.
So what's this SOC2 thing?
Well, in short, basically our security practices were audited and stamped from the most reputable accreditation security standard out there. The stamp helps signal we know what we're doing, but considering none of our competitors have done this, why did we, especially since this wasn't cheap.
It really comes down to not having hubris around your security. If we've learned anything from the data breaches that have happened at other companies, even the most vigilant amongst us can fall prey to hackers who are getting more and more sophisticated by the day. An outside perspective who's entire job is to study this world of security and can then come in and tell us where we're doing well and where we could do better is invaluable to our customer experience
So what did we do specifically? A lot of what the auditors wanted we were already doing, which is great, but we beefed up in other areas. The result is we now have strengthened continuous monitoring across our entire platform to detect internal and external threats, deepened our anomaly alerts and audit trails, and optimized our actionable forensics for ensuring we're continually increasing our security standards.
Put much more simply, we're not just checking off boxes over here, we're living a security lifestyle and now have the certification to prove it.
Security is a priority at ProfitWell. SOC2 provides an outside perspective and recognition of that priority: Security isn't one of those sexy topics that gets clicks, but it's ultimately one of the foundations of a successful company. Our security practices were audited and certified to most reputable accredited security standard on the market.
We deepened and optimized our security standards and processes based on an outside perspective: While we had already put in place things like encryption, physical security, cyber insurance, and both common and uncommon practices to ensure we lived up to a high security standard, an outside perspective from our SOC2 auditors helped us deepen these practices with:
Strengthened continuous monitoring across our entire platform to detect internal and external threats
I'm going to be putting together a full breakdown of the process—you can also check out all of our security details over at profitwell.com/security or just email me at email@example.com. And as always, if you're a subscription company looking for the highest rated, most accurate financial metrics—all for free, no matter your size and now with SOC2 certification—check out profitwell.com.
Is this type 1 or type 2?
Type 1, but once we get re-audited in five months, we'll have type 2.
Founder & CEO of ProfitWell, the software for helping subscription companies with their monetization and retention strategies, as well as providing free turnkey subscription financial metrics for over 20,000 companies. Prior to ProfitWell Patrick led Strategic Initiatives for Boston-based Gemvara and was an Economist at Google and the US Intelligence community.