GraphCMS Achieves SOC 2 Type 1 Compliance

GraphCMS is pleased to announce we have achieved SOC 2 Type 1 Compliance to demonstrate our commitment to security and protecting customer data.

Alexander Naydenov
Daniel Winter
soc2-type1-audit-completion

We’re proud to announce that we have successfully completed the SOC 2 Type 1 audit. Completing the SOC 2 Type 1 audit is key for companies wanting to ensure their customers’ data is managed with the highest security standards and are continuously monitored to ensure those standards are maintained.

We chose to undertake this rigorous process because of our commitment to ensuring that we adhere to the latest security and data protection standards.

Request Report

Security and data protection of our users are critical to the mission of GraphCMS and we aim to ensure that customer data is protected with the latest standards of security. SOC 2 Reports meet these standards and demonstrate that GraphCMS views security of data as a high priority. Customers relying on GraphCMS to power their most valuable digital products include the Government of Finland, Samsung, Dr. Oetker, Sennheiser, Shure and others.

SOC 2 is an extensive audit that ensures that a company is handling customer data securely to protect both, the organization, and the privacy of its customers. Combined with Drata’s automated platform that continuously monitors the security and compliance of the company across the system. Enterprise customers look to GraphCMS to meet their content and data needs and it is essential that the most current security standards ensure that cloud-centric services can safely protect their data.

“We’re committed to ensuring higher standards on security and compliance for our customers to give them the peace of mind when trusting GraphCMS with their content. We look forward to further enhancing our capabilities in this area over the coming months as security comes into the forefront of our product decisions.” - Daniel Winter, CTO and Founder, GraphCMS

GraphCMS worked with Barr Advisory to perform the audit which confirms that GraphCMS’s security practices, policies, procedures, and operations meet the SOC 2 Trust Service Criteria for security. We are happy that we have completed the SOC 2 Type 1 Attestation Report and look forward to continuing to evaluate security approaches in the future.

If you are curious to learn more about our latest approaches to security and data privacy, please reach out to discuss in more detail.

It's Easy To Get Started

GraphCMS plans are flexibly suited to accommodate your growth. Get started for free, or request a demo to discuss larger projects with more complex needs