Building on your trust: Announcing SOC 2 compliance

Innovation doesn’t matter if it can’t be trusted, and that’s why we are committed to ensuring we deliver the highest standards of security for our customers.

That has always been a guiding principle here at Intercom from our very earliest days. We aim to constantly deliver the most innovative products to our customers but we know that your trust is fundamental to everything we do.

Industry-recognized accreditation

To that end we have been pursuing the highest standards of industry-recognized accreditation so that all our customers, big and small, can have trust in our policies and procedures. This is why we are proud to announce that we have pushed our standards ever higher in passing our recent Service and Organisation Controls (SOC 2) audit and have been awarded a SOC 2 Type 2 report covering “Security and Availability Principles”.

“We are proud to say that we have successfully demonstrated a mature and reliable commitment to protecting our customer’s data”

These audits provide an industry-wide recognition that companies conform to the American Institute of Certified Public Accountants (“AICPA”) SOC 2 standard, which measures security and availability and serves as assurance that your data is being managed in a controlled and audited environment.

Last year we passed the SOC 2 Type 1 audit and attained a Type 1 report. This is a “point in time” report that proved we had robust Service Organisation Controls in place that would ensure the security and availability of our customer’s data. The Type 2 audit is more rigorous and looks to prove we had these controls in place and committed to them for a sustained period of time. With this most recent audit, we are proud to say that we have successfully demonstrated a mature and reliable commitment to protecting our customer’s data.

Why does SOC 2 compliance matter?

Intercom allows you to grow your business by connecting with customers. Our most recent innovations like Custom Bots and the Intercom App Store allow you to do this more seamlessly than ever before. These integrations allow you to have deeper, richer interactions with your customers and potential leads, but everyone involved has to have an underlying trust in those interactions, and a trust in the security underpinning them.

To this end, we focus on the security of your data so that you can focus on acquiring, engaging and retaining your customers.

Over the past few years, particularly in preparation of the GDPR, we have been growing our security program with the aim of forming a security and privacy ecosystem. SOC 2 has complemented this greatly, as the auditing process examines the organization using a top-down, holistic approach.

“We focus on the security of your data so that you can focus on your customers”

As we have grown, ensuring we have strong, consistent, company-wide practices becomes all the more urgent. SOC 2 has given us the opportunity to build best practices into our way of working, throughout every team – from People-Ops and Recruitment to code deployment and disaster recovery planning. Security and availability are now considered as central to everything that we do. Taking part in SOC 2 at this stage in our growth has made Intercom more robust and reliable right now and over the long term.

Continuous improvement in privacy and security

This certification is just one aspect of our growing security program that includes ongoing privacy improvements, Cloud Security Alliance and Privacy Shield.

This is not the end for the SOC 2 process in Intercom though. We are committed to carrying out an annual SOC 2 audit to ensure we continue to build on what we have put in place and keep supporting our customers’ needs.

In doing so, we will continue to demonstrate the importance we place on your trust, and how much we value it.