Kustomer Achieves SOC 2 Type II Certification

Kustomer Achieves SOC 2 Type II Certification Twitter

Independent report confirms company’s ongoing commitment to create and maintain a secure operating environment for its client’s confidential data

Kustomer, the SaaS platform reimagining enterprise customer service, announced today the successful completion of its Service Organization Control (SOC) 2 Type II examination with zero exceptions. This independent audit conducted by Linford & Company validates that the company’s corporate security practices and the security controls in the Kustomer platform meet the American Institute of Certified Public Accountants (AICPA) Trust Service Principles and Criteria for System and Organization Control.
Using third-party service providers and data processors is an essential part of any business’s operations and companies take the data security practices of vendors seriously. The final SOC 2 Type II report documents that Kustomer has deployed critical security policies, procedures, and safeguards necessary to protect and secure client data at a point in time, and also verifies compliance and operational effectiveness of the company over a six-month period.

“As an enterprise SaaS software solution that powers the customer experience of today’s best brands across the globe, earning and maintaining the trust of our clients is paramount,” said Brad Birnbaum, CEO and Co-Founder at Kustomer. “Achieving SOC 2 Type II certification reinforces our commitment and further demonstrates our capabilities to protect customer data in accordance with stringent industry standards and best practices. This independent validation of our security program is critical for all of our clients, particularly those in highly regulated industries.”

Kustomer empowers businesses to succeed in today’s customer-first world. Kustomer’s comprehensive solution and CRM provide a single view of the customer journey, seamless omnichannel communications and the ability to automate business processes and knowledge management. The company is powering satisfaction and loyalty for some of today’s most iconic, people-first brands, including Glossier, Ring, ThirdLove, Rent the Runway, Sweetgreen, Glovo, Away and UNTUCKit.

In addition to being SOC 2 Type II certified, Kustomer already complies with HIPAA standards as well as the requirements of the EU-US and Swiss-US Privacy Shield, the GDPR, and CCPA.

About Kustomer

Kustomer is the omnichannel SaaS platform reimagining enterprise customer service to deliver standout experiences – not resolve tickets. A customer-centric solution, Kustomer helps brands increase satisfaction and loyalty by empowering agents to engage customers in personalized, efficient, and effortless conversations. Today, Kustomer is the core platform of some of the leading customer service brands like Glossier, Ring, ThirdLove, Rent the Runway, Sweetgreen, Glovo, Away, UNTUCKit. Headquartered in NYC, Kustomer was founded in 2015 by serial entrepreneurs Brad Birnbaum and Jeremy Suriel, has raised $173.5M in venture funding, and is backed by leading VCs including: Coatue, Tiger Global Management, Battery Ventures, Redpoint Ventures, Cisco Investments, Canaan Partners, Boldstart Ventures and Social Leverage.


Why Safe Customer Engagements Build Trust and Loyalty

In today’s fast-paced world, paying for convenience is at an all-time high. Whether using a car service, ordering an item for same day delivery, or buying groceries for pick up, convenience often comes at a cost. But unfortunately this cost of convenience is not always monetary-only.

Consumers can be so focused on the fact that they are saving time, even if it means paying more, that they may not realize what is being done with their data, or whether it is safe. And unfortunately, some companies may not be safeguarding their personally identifiable information (PII) as closely as consumers assume.

When devastating things occur, like the recent uptick in high-profile data breaches, it puts a strain on the loyalty of customers. And it’s not just small retail-focused companies that face this challenge. The 13 largest data breaches of 2019, according to CRN, include large institutions in the educational and healthcare sectors in addition to retailers. And oftentimes companies may learn about them months or years later, leaving customers in the dark about their exposed data for quite some time.

How Customer Service Can Help

When a data breach does occur, companies must do more than proactively communicate the unfortunate incident to their customers. They must put their best foot forward to ensure their customers know they are not only regretful, but there to help in any way they can. Brands must be available on multiple channels to answer customer inquiries and personally respond to their problems. Forcing customers to jump through hoops to get their questions resolved will only make matters work.

Unfortunately, trust for retail is low, with only 45% of shoppers saying they think their information is safe with a retailer according to Forbes. And after a security breach,12% of customers stop shopping with a brand entirely, while 36% shop less frequently. The way that companies handle security breaches could be the difference between a loyal and forgiving customer and one who leaves forever.

Keeping Customer Data Safe

No company ever intends for a data breach to occur, but having the right tools with the right safeguards is imperative. Beyond providing proactive and personalized omnichannel support, the Kustomer platform includes layers of protection, starting with team policies and procedures, and incorporates continuous monitoring and automation that’s built into the software development life cycle (SDLC).

Don’t give customers a reason to be concerned. At Kustomer, earning and maintaining the trust of our customers is a cornerstone of our business. That trust is why, from the beginning, the Kustomer platform has delivered secure, reliable, continuously available applications, where the privacy of our customers’ data is always protected. It’s also why our engineering teams have spent so much of their time building robust logging, auditing, monitoring, and data encryption capabilities into the platform.

Loyalty is hard to gain, but trust is easy to lose. Let us help you keep it.

To learn more about why Kustomer is the premier CRM platform for trust and safety, request a live demo.

Kustomer Achieves SOC 2 Type I Compliance

At Kustomer, earning and maintaining the trust of our customers is paramount. That trust is why we architected the Kustomer platform from the beginning to deliver secure, reliable, continuously available applications, where the privacy of our customers’ data is always protected. It’s also why our engineering teams have spent so much of their time building robust logging, auditing, monitoring, and data encryption capabilities into the platform.

And it is that trust, and our executive team’s fervent belief that security is the responsibility of everyone that is a part of the Kustomer Krew, that has driven our adoption of industry best practices for security controls and processes throughout the many layers of the application environment and software development lifecycle. This has included strict endpoint management, extensive employee security awareness training, and comprehensive vulnerability management with regular 3rd-party penetration testing and code reviews. However, we recognize that doing the work and telling the world is not enough.

That’s why I am proud to announce that Kustomer has achieved SOC 2 Type I compliance. This comes after a highly detailed 3rd-party audit that assessed whether our security program and internal controls are designed and implemented to the AICPA Trust Service Principles and Criteria for System and Organization Control. These include:
– Security
– Availability
– Processing Integrity
– Confidentiality

Our auditors from Linford & Company reviewed Kustomer controls, procedures, and documentation around our security practices and examined security controls in our platform and products. Their final report thoroughly documents how Kustomer safeguards customer data and highlights our completion of the audit with zero exceptions.

This provides independent validation of our commitment to meeting customer requirements and delivering on their trust, by proving we have designed the controls and associated procedures to deliver a secure cloud platform.

Earlier in 2019, we announced our compliance with HIPAA standards and now SOC 2 Type I. Next, we will be pursuing SOC 2 Type II compliance to demonstrate the strength of our controls over time. This work is already well under way.

While each of these compliance standards are critical, and convey our effectiveness at protecting the data of our current and future customers, they are steps in a continuous journey and a reflection of the efforts the entire Kustomer Krew take every day to earn and maintain trust. It is a journey that we take seriously, knowing it has no end, and we are excited to celebrate each significant compliance milestone with the entire Kustomer community. We look forward to the next.

Our complete SOC 2 Type I audit report is available to customers and prospects under NDA upon request.

Jeremy is the Co-Founder and CTO of Kustomer.


Deliver effortless, personalized customer service.

Request Live DemoStart Interactive Demo