We are thrilled to announce that SELECT has successfully achieved SOC 2 Type II Certification, a testament to our unwavering commitment to maintaining high security and privacy standards for our clients and partners. We partnered with Drata to help continually monitor our security and compliance programs. The audit was conducted by AssuranceLab, a global, full-service CPA firm.

What is SOC 2?

SOC 2 (Service Organization Control 2) is a framework developed by the American Institute of Certified Public Accountants (AICPA) designed to ensure service providers securely manage data to protect the interests of their clients and the privacy of their clients' customers. This certification focuses on non-financial reporting controls as they relate to security, availability, processing integrity, confidentiality, and privacy of a system.

What is Type I vs. Type II

SOC 2 certifications come in two types: Type I and Type II. Type I reports assess the design of security processes at a specific point in time, ensuring they are suitably designed to meet trust principles. Type II, on the other hand, goes a step further by evaluating the operational effectiveness of those controls over a defined period, usually a minimum of six months. Achieving Type II certification demonstrates that a company not only has robust security processes in place but also follows them consistently over time.

Why is this important?

Achieving SOC 2 Type II certification is crucial because it provides an independent, third-party validation that SELECT adheres to best practices in safeguarding our clients' sensitive information. This certification reassures our clients and partners of our commitment to not just promise, but consistently deliver secure, reliable, and compliant services. It reflects our dedication to maintaining the highest security standards and our proactive approach to risk management.

This journey to certification involved an in-depth review of our processes, policies, and procedures to ensure they meet the stringent requirements set by the AICPA. It signifies that SELECT has established and follows strict information security policies and procedures, encompassing the protection of customer data, product development, infrastructure, and company operations.

What this means for existing customers

If you are an existing SELECT customer, you can reach out to us at [email protected] for a copy of our SOC 2 Type II report. Thank you for your continued trust in SELECT. We look forward to delivering even more secure and efficient solutions that support your goals and success.

What this means for new customers

Security has been a top priority for SELECT from day 1. As outlined in our security documentation, our platform is secure by design. SELECT only requires read access to a customer's Snowflake account metadata database. This database only includes metadata about how the customer is using Snowflake. No actual customer data is stored in this database. Despite this, we treat all metadata with the utmost care, applying stringent security measures to ensure its confidentiality and integrity at all times.

If you are considering SELECT as a cost management & optimization platform, please feel free to reach out and we can provide our report for your review. You can also book a meeting with our team to ask any questions about the data we process, our security practices, or the SELECT platform in general.