Announcing StarTree SOC 2 Type 1 Compliance
“Data security is one of the core design tenets of the StarTree Cloud Service and we are committed to integrating state-of-the-art security, integrity, and privacy technology into everything we build. The SOC 2 Type 1 certification is a validation of this commitment. Data is THE most valuable asset for any company, and we are honored to have gained the trust of our customers and partners with their data. We have set a very high bar for ourselves to ensure we go above and beyond required compliance standards, and be responsible custodians for our customers’ data.” – Uday Vallamsetty, Head of Strategy and Operations, StarTree Inc
We are excited to announce that StarTree Inc has achieved SOC 2 Type 1 certification.
Security, Integrity, and Privacy are fundamental pillars of every feature in the StarTree Cloud. We rigorously design, build, and test product capabilities to ensure our customers’ data stays protected. Whether our customers choose the Bring Your Own Cloud (BYOC) model or prefer the fully managed Software-as-a-Service (SaaS) experience built around Apache Pinot, they can rest assured that they have best-in-class security measures in place — OAUTH2 & OIDC authentication, network isolation and end-to-end TLS protection, cloud-native encryption and key management, and secure deployment and management processes.
About SOC 2 Report Criteria
The SOC 2 Type 1 report verifies the existence of internal controls which have been designed to meet the requirements for the security principles set forth in the five Trust Services Criteria. It provides a thorough review of how StarTree’s internal controls affect the security, availability, and processing integrity of the systems it uses to process users’ data, and the confidentiality and privacy of the information processed by these systems. This independent validation of security controls is especially crucial for customers in highly regulated industries.
We accomplished the certification working with our partners at Drata.com and the reputed auditors at Sensiba San Filippo, LLP (SSF). Drata enables automated monitoring and evidence collection across numerous loosely connected services and makes our lives much easier, especially as StarTree Cloud operates across all major cloud providers. SSF has extensive experience certifying big data companies and they diligently worked their way through the complexities of the scalable real-time analytics infrastructure that powers StarTree Cloud.
Next Steps for StarTree Data Security
For our next steps, we commit to a periodic review of the effectiveness of our controls and annual re-certification with the latest SOC2 standards in order to achieve SOC2 Type 2. Since StarTree serves customers across a variety of industries, including finance, retail, services, and technology, we already have our sights set on additional standards and certifications. Many of our customers have requirements arriving from HIPPA, ISO, GDPR, and others. We’re aware that compliance is an ongoing journey and collaborative effort, and we will continue to design our organization and technology to satisfy strict requirements ourselves, as well as to support our customers’ own compliance processes.
The StarTree Inc SOC 2 Type 1 report is now available to all our customers. Got questions? Get in touch!