Pave receives SOC 2 Type II certification

Company
February 23, 2021
2
min read
by
Matthew Schulman

Pave was founded on the premise that greater real-time transparency leads to improved outcomes & visibility for customers. With our suite of total compensation tools, we have been focused on innovating for our customers and bringing additional transparency to both the candidate and employee compensation experience. Given this relentless focus, it seemed only fitting that we also be as transparent with what is happening with our customer’s data as well. This conviction led us to begin the process to become SOC 2 Type II compliant, which we are pleased to announce we have now successfully completed!

So what is SOC 2 Type II compliance and why is it important to Pave (and our customers)? At a high level it’s an audit done that requires strict organizational and technical controls to protect our customer’s privacy and data (data which is commonly stored in the cloud). We also opted to seek Type 2 compliance which is more strict monitoring over time, in contrast to Type 1 which only measures compliance at a single point in time. Our compliance monitoring vendor, Vanta, notes that “A Type II report shows not only that you understand the necessary security procedures, but that you follow them over a period of time.” This translates to Pave being recognized as fulfilling the “gold standard” for security and privacy, both of which we care deeply about.

The process to be eligible for this certification started over 6 months ago, thanks to the diligence of our Engineering team. During that time we continued to launch new products and functionality (including the announcement of the Pave Compensation Benchmarking Project) which continued to be certified compliant by our auditors at The Cadence Group. Furthermore, we initiated this audit process far earlier than most other SaaS companies knowing how sensitive the nature of our customer’s data is and how imperative it is to deliver the highest security certification possible.

In summary, we’re thrilled to be able to announce our compliance with SOC 2 Type II. This distinction continues to drive home the importance we take in dealing with sensitive proprietary data and the trust we look to build with our customers. We’re also proud of the continued compliance over time, even as the company continues to innovate and introduce new products to the market. This is not the destination but rather another step to becoming the ultimate customer-centric company we want to build.

To learn more, visit our site to request a demo to see our product live!

Learn more about Pave’s end-to-end compensation platform
Matthew Schulman
CEO & Founder
CEO and Founder of Pave

Become a compensation expert with the latest insights powered by Pave.

(function (h, o, t, j, a, r) { h.hj = h.hj || function () { (h.hj.q = h.hj.q || []).push(arguments) }; h._hjSettings = { hjid: 2412860, hjsv: 6 }; a = o.getElementsByTagName('head')[0]; r = o.createElement('script'); r.async = 1; r.src = t + h._hjSettings.hjid + j + h._hjSettings.hjsv; a.appendChild(r); })(window, document, 'https://static.hotjar.com/c/hotjar-', '.js?sv='); !function () { var analytics = window.analytics = window.analytics || []; if (!analytics.initialize) if (analytics.invoked) window.console && console.error && console.error("Segment snippet included twice."); else { analytics.invoked = !0; analytics.methods = ["trackSubmit", "trackClick", "trackLink", "trackForm", "pageview", "identify", "reset", "group", "track", "ready", "alias", "debug", "page", "once", "off", "on", "addSourceMiddleware", "addIntegrationMiddleware", "setAnonymousId", "addDestinationMiddleware"]; analytics.factory = function (e) { return function () { var t = Array.prototype.slice.call(arguments); t.unshift(e); analytics.push(t); return analytics } }; for (var e = 0; e < analytics.methods.length; e++) { var key = analytics.methods[e]; analytics[key] = analytics.factory(key) } analytics.load = function (key, e) { var t = document.createElement("script"); t.type = "text/javascript"; t.async = !0; t.src = "https://cdn.segment.com/analytics.js/v1/" + key + "/analytics.min.js"; var n = document.getElementsByTagName("script")[0]; n.parentNode.insertBefore(t, n); analytics._loadOptions = e }; analytics.SNIPPET_VERSION = "4.13.1"; analytics.load("0KGQyN5tZ344emH53H3kxq9XcOO1bKKw"); analytics.page(); } }(); $(document).ready(function () { $('[data-analytics]').on('click', function (e) { var properties var event = $(this).attr('data-analytics') $.each(this.attributes, function (_, attribute) { if (attribute.name.startsWith('data-property-')) { if (!properties) properties = {} var property = attribute.name.split('data-property-')[1] properties[property] = attribute.value } }) analytics.track(event, properties) }) }); var isMobile = /iPhone|iPad|iPod|Android/i.test(navigator.userAgent); if (isMobile) { var dropdown = document.querySelectorAll('.navbar__dropdown'); for (var i = 0; i < dropdown.length; i++) { dropdown[i].addEventListener('click', function(e) { e.stopPropagation(); this.classList.toggle('w--open'); }); } }