I’m excited to share that Chromatic is now SOC 2 Type 2 compliant. Companies everywhere use Chromatic to build UIs for the world. With more teams joining everyday, we pursued SOC 2 Type 2 compliance to show our continued focus on the security of your data.
What is SOC 2 anyways?
SOC 2 Type 2 is a compliance standard that certifies adherence to the industry standards for security (AICPA). It requires a third-party auditor to conduct a rigorous multi-month examination across these core dimensions:
- 🔐 Security
- 🛡 Confidentiality
- 🚥 Availability
- ✅ Privacy
- 🗂 Processing integrity
Why does SOC 2 matter?
Adopting tools can be tricky for developers. It often involves security questionnaires, IT sign off, lawyers, procurement officers, and many more non-obvious stakeholders. This can be a daunting task, even when you're 100% sure a tool will speed up your team.
Our mission is to improve the UX of the internet. In order to do that, Chromatic needs to reach as many frontend developers as possible by complying with the most stringent corporate environments and security postures.
SOC 2 represents a standard of excellence recognized by most departments in most companies. This makes it hassle-free for developers to get Chromatic approved by their companies.
What does SOC 2 mean for developers?
For current customers, SOC 2 Type 2 helps you rest easy knowing that our team remains vigilant with your data. You already trust us to power your frontend infrastructure, we aim to maintain that trust by continuing to ship secure products.
For new customers, SOC 2 Type 2 is recognized by engineering, compliance, and security teams alike. Chromatic’s compliance streamlines getting started for security-conscious companies. This means less work for you and your team.
Continuous security monitoring
SOC 2 Type 2 is a testament to Chromatic’s ongoing commitment toward securing your data. It's an independently verifiable way to demonstrate the security of our tools. But security doesn’t just end with a piece of paper. We have continuous monitoring and regular audits maintain these standards over time.