At Freeplay, we've made security and privacy top priorities since day 1. Back in April, we shared initial third-party validation of our commitments to security and privacy by achieving our SOC 2 Type I Certification. Today, we're thrilled to announce that we've achieved our SOC 2 Type II Certification. This is the foundational industry-standard certification for SaaS companies, and it demonstrates our ongoing commitment to safeguarding our customers' data and maintaining the highest standards of security in the AI industry.
For more details about our security practices or to learn how Freeplay can support your security needs, please visit our Trust Center or contact our team.
We share some more details below for people who are interested in this space.
Why SOC 2 Type II Matters in AI Development
AI systems often deal with important data including customer data or proprietary information, making them attractive targets for cyber threats. High security and data privacy standards are particularly crucial for companies in the AI space because they:
Build trust with customers: It provides independent verification of our security practices, assuring our customers that their data is protected.
Demonstrate compliance: It helps our customers meet their own regulatory requirements when using our platform for AI development.
Ensure continuous security: The ongoing nature of Type II certification aligns with the dynamic, ever-evolving landscape of AI and cybersecurity.
Our Journey to SOC 2 Type II
Achieving SOC 2 Type II certification is not just a checkbox for Freeplay — it's a reflection of our culture of continuous improvement and investment in security best practices. We conduct rigorous audits, regularly refine our internal controls, and conduct ongoing staff training.
In our SOC 2 Type I announcement, we outlined Freeplay's comprehensive approach to security. Some additional examples of steps we take to protect our customers’ data and account information:
We conduct continuous vulnerability scanning and regular penetration testing to proactively identify and address potential security risks, ensuring our platform remains resilient against emerging threats in the rapidly evolving AI landscape.
When it comes to API keys: We use enterprise-grade key management systems and employ Argon2, a state-of-the-art encryption algorithm that provides strong security and resistance against various types of attacks.
We’ve implemented tenant isolation at the database layer using row-level security. This ensures that each customer's data remains strictly segregated, preventing any unauthorized access or data leakage between different tenants sharing our infrastructure.
We require Multi-Factor Authentication (MFA) for all users of Freeplay systems. It’s not optional. For customers with heightened data privacy requirements, we offer a private hosting solution allows them to store all their data within their own infrastructure — providing an additional layer of control and security.
Looking Ahead: Our Commitment to Security
While we're proud of this achievement, we recognize that maintaining data privacy and security is an ongoing journey. And we're already looking ahead at additional security certifications that will benefit our customers.
Interested in giving Freeplay a try? You can reach out here for more information.
