108
SOC 2 Compliance
in progress
Log In
Anurag Goel
We've now entered the audit period for SOC 2. If things go smoothly, Render will be SOC 2 certified in ~3 months. We're happy to provide bridge letters until then.
Activity Feed
Sort by
E
Eelke van den Bos
Anurag Goel, I've read your post on hacker news about SOC 2 + ISO certification. Do you have any updates on ISO 27001 progress?
x
xiaolong
can we get a quick update when we can expect to get SOC2 certified? It looks like we are in the three months mark.
Anurag Goel
We've now entered the audit period for SOC 2. If things go smoothly, Render will be SOC 2 certified in ~3 months. We're happy to provide bridge letters until then.
E
Ethan Sherbondy
Anurag Goel: Amazing, thanks for the update Anurag, and godspeed! Really appreciate the open line of communication around this.
B
Brandon Ballinger
Anurag Goel: That's amazing news! Thanks for being so transparent. Will this make it easier for Render to sign BAAs to support HIPAA-regulated apps? (As requested here: https://feedback.render.com/features/p/hipaa-compliance)
Anurag Goel
Brandon Ballinger: it will help!
E
Ethan Sherbondy
Is there any chance we could privately request an in-progress report or some form of security attestation / questionnaire from someone on the Render team as we start to embark on our own SOC 2 audit process?
Also have target for this summer and would love to keep running on Render!
D
Dave Fulham
Is there a timeframe for this one Anurag Goel?
Anurag Goel
Dave Fulham: sometime this summer.
E
Ethan Sherbondy
Anurag Goel: Hey folks how's it looking?
August is around the corner, so just wondering if you have any updates to share on expected timeline, either here or privately.
Really appreciate the updates & open line of communication around this! 🙏
No worries if you faced some delays, just trying to set expectations for our own team and timelines.
Anurag Goel
Ethan Sherbondy: please email support@render.com and we'll help you out.
L
Leslie Carr
I'd like to +1 for Vanta integration as well!
B
Brian Loomis
This would really be great. We run a Covid app (https://www.safeaccess360.com/) that has over 100k users, but Heroku shield is killing us as a small business. The sooner we can move to Render and maintain compliance the better.
Anurag Goel
in progress
We've started working with Secureframe to automate SOC 2 compliance for Render, and will keep everyone posted.
S
Stephan Stylianides
Anurag Goel: Looks like Secureframe also helps with HIPAA compliance. Is it possible to kill two birds with one stone on this task? SOC 2 & HIPAA compliance?
F
Fedor Garin
Stephan Stylianides Anurag Goel: +1 to this, HIPAA compliance would be soooooooo much appreciated
S
Stephan Stylianides
E
Ethan Sherbondy
I guess related to this (but maybe a separate feature request), is possibly working with SOC 2 Audit compliance software companies like Drata and Vanta to have first-class integrations, so that any company who wants to use Render that is itself going through the SOC 2 Audit process can
automatically
help demonstrate continuous compliance for their application servers, DBs, and other services hosted on Render?As your customers themselves become established and hopefully go on to build great SaaS businesses and the likes on top of Render, this will help a great deal to make the SOC 2 compliance process for them more turnkey.
But a starting point is certainly for Render itself to demonstrate SOC 2 compliance :) Godspeed!
Anurag Goel
Ethan Sherbondy: good point. We're reaching out to Vanta, Drata, and of course Secureframe to figure this out.
Load More
→