June 8, 2023
Enhanced Security and Reliability: Plotly is SOC 2 Type II Compliant
At Plotly, we work hard to ensure our customers can trust us with their data. Recently, we've taken an important step in validating our commitment to this mission.
We're excited to announce that Plotly is now SOC 2 (Type I and II) compliant.
Through this rigorous, independent audit process, we've demonstrated that our systems and processes are designed to protect customer data. From the code you write in your Dash apps to the data sources you connect, we're protecting your assets every step of the way.
Read on to learn more about our SOC 2 compliance and what it means for our customers.
What is SOC 2?
SOC 2 compliance is an internationally recognized set of standards for protecting customer data, developed by the American Institute of Certified Public Accountants (AICPA). It focuses on five key factors: security, availability, processing integrity, confidentiality, and privacy of data.
As of April 2023, Plotly’s products, including Dash Enterprise 5, Dash Enterprise libraries, Dash Open Source, and Plotly Graphing Libraries, are SOC 2 Type I and II compliant.
Key to the compliance process was an in-depth review of our controls and procedures, including:
- Encryption of data at rest and in transit
- Secure access management for users
- Secure development procedures
- Redundancy and failover strategies to ensure uptime
- User activity auditing processes
- Identity authentication protocols
As per our SOC 2 commitment, we will continue to maintain and monitor these processes to ensure the highest security standards as Plotly evolves.
SOC 2 Type I vs. Type II Explained
SOC 2 Type I and II are both security compliance standards, but they differ in focus.
- SOC 2 Type I assesses the design of security processes at a specific point in time; a Type I report does not necessarily mean that standards are being maintained consistently.
- SOC 2 Type II reports assess how effective those controls are long term, by observing operations for three to twelve months. This ensures that all security measures are being monitored and updated as needed – a testament to a long-term commitment to data security and privacy.
Dual compliance from both Type I and II of the SOC 2 standards is a major milestone. It means that Plotly has met stringent security and privacy requirements and that we are continuously monitoring our internal controls to ensure they maintain the highest level of compliance.
Why is SOC 2 Important?
SOC 2 compliance demonstrates our commitment to protecting customer data. It dictates that we have implemented the controls and procedures required for secure data storage and management, and it helps customers meet their own compliance needs.
The audit report also offers transparency into the security of Plotly’s systems and processes, allowing customers to make informed decisions about working with us.
As more organizations move to cloud-based computing, SOC 2 is becoming increasingly important for demonstrating trustworthiness and security. We’re proud to have achieved this compliance and look forward to continuing to provide our customers with peace of mind.
What Does This Mean for Our Customers?
Our commitment to protecting the privacy of your data has never been stronger. Some of the key benefits of SOC 2 compliance to customers include:
- Cost savings: SOC 2 minimizes the chances of data breaches, helping to prevent the direct costs of data theft and the long-term opportunity cost of lost business.
- Trust: SOC 2 compliance demonstrates a commitment to data security and compliance, giving potential customers peace of mind when considering our product or service.
- Reduced Risk: SOC 2 compliance reduces the risk of data security issues and provides assurance that your data is being managed following industry-standard best practices.
For organizations that need to meet government security regulations and industry-specific requirements, from PCI Data Security Standard (PCI DSS) to HIPAA, SOC 2 compliance adds an extra layer of assurance. Government, legal, healthcare, and finance industries can now feel more confident working with Plotly and Dash Enterprise 5, thanks to our SOC 2 compliance.
Stay Secure with Plotly
Looking for a friendly Python interface to create secure, compliant, and customizable apps? Demo Dash today.