
233 points | gmays | 1 comment | source
ranger_danger No.44362456
> We got tired of endless security questionnaires, so we got SOC 2 certified to make things smoother for everyone.

Can someone explain what they meant by this? Questionnaires by whom, and why?

replies(5): >>44362472 #>>44362477 #>>44362480 #>>44362493 #>>44363749 #
1. jamiecurle No.44363749
Organisations need to ensure that doing business with you isn't over their risk threshold. One of the areas they focus on is security (cyber, info and physical, and perhaps soon AI). In order to determine this they ask you a bunch of questions, in which you insert answers and evidence into a spreadsheet, sometimes an online app. These are "the questionnaires". They're also pretty expensive.[0]

Having a SOC 2 attestation or certified ISO 27001 compliance of your Information Security Management System allows you to do business with "less friction", because you can often shortcut some or all portions of those questionnaires.

But you can never get rid of them.

[0]: https://sharedassessments.org/sig/