📣  Announcing $23M in funding to transform how go-to-market teams use data to drive revenue

Pocus is SOC 2 Type 2 compliant

Learn more about our data privacy and security policies
Isaac Pohl-Zaretsky
April 14, 2022
Pocus is SOC 2 Type 2 compliant

We’ve taken data and privacy seriously since day one at Pocus, which is why we’re excited to announce that Pocus is SOC 2 Type 2 compliant. 

While many companies wait until their series B or even later rounds to invest time into certifying security efforts, we felt the need to address this early so all customers felt safe sharing their critical product usage and customer data with Pocus. 

Our team has not only met the requirements for SOC 2 type 2, we have also invested resources into building our own unique data privacy architecture. 

Secure by design 

Keeping data safe has never been more important. 

Hackers in recent years have gained access to vulnerable systems from cities to Fortune 500 companies. 

Our Product-Led Sales platform has the highest data privacy and security architecture in place for those very reasons. By making this foundational to our product, we’ve embedded a strong culture around data privacy and security first. Security is a central tenant not just of our product but the entire company culture. Every new hire on the Pocus team goes through security training and all company devices are secured. 

What is SOC 2 and why is it important?

SOC 2 defines criteria for safely managing data according to 5 key trust principles: security, availability, processing integrity, confidentiality, and privacy. A SOC 2 report is unique to each organization and outlines how a vendor manages your data. 

There are two types of SOC 2 reports (Pocus has completed both audits)

  1. Type 1 describes a vendor’s systems and if the design meets the relevant trust principles.
  2. Type 2 can only be achieved once those designs are put into action and the operational effectiveness of the design meets the standard.

A SOC 2 Type 2 report is an important part of any software vendor evaluation where the vendor will have access to any critical data or if important information is being stored in the vendor's environment. 

At Pocus, we enable GTM teams to get access to product and customer data in a single pane of glass view. To do this we need access to the sources of that data, typically a data warehouse like Snowflake, BigQuery or Redshift, and their CRM. Giving access to critical data about product usage and customers can make many data security and IT teams nervous, which is why SOC 2 compliance ensures your vendor will keep that data safe and secure. 

How does Pocus protect data privacy?

We’ve built a unique approach to working with your product and customer data at Pocus. We support multiple deployment options to suit customers' data privacy preferences. Depending on the approach taken, customers can limit the amount of PII exposed to Pocus’ cloud.

Other security and compliance measures we take include:

  • Encryption: Data in transit is encrypted at all times, all storage systems are encrypted, and all Pocus servers are tightly access controlled and audited regularly. When debugging is required a small number of engineers are given access on their encrypted devices and are required to remove any data off their device when work is complete. 
  • Multi-factor authentication required: Access to all critical systems and production environments is protected using strong passwords and multi-factor authentication. Where possible, SSO is used for centralized access control. Access is reviewed prior to being granted and then periodically thereafter.
  • Limited data access: Pocus only extracts metadata, primary keys, aggregate statistics, and limited PII with your permission. You can restrict access to any data field by simply marking it as PII in your Pocus workspace settings. 
  • Pen testing: Pocus underwent a successful pen test from a third party to validate the security of our platform. 

To help us reach this milestone and continue to safeguard our customer’s data, we worked with the awesome folks over at Vanta to help us set up the best processes and security systems. Vanta made the process very easy and we highly recommend them to other early-stage companies looking for a trusted partner. 

Want to learn more?

Curious about Pocus’ Product-Led Sale platform and our approach to data privacy & security? Sign up for our waitlist and we’ll be in touch soon.

Pocus is SOC 2 Type 2 compliant
Isaac Pohl-Zaretsky
CTO & Co-founder @ Pocus
Announcing $23M to transform how go-to-market teams use data to drive revenue
Announcing $23M to transform how go-to-market teams use data to drive revenue
Pocus’ Product-Led Sales platform unlocks the data warehouse for go-to-market teams.
Alexa Grabell
June 22, 2022
Introducing Magic Playbooks
Introducing Magic Playbooks
We’re launching our most significant redesign into early access with customers today — introducing Magic Playbooks, combining the power of your strategy docs and data in Pocus!
Alexa Grabell
August 30, 2022
What is the sales-assist role?
What is the sales-assist role?
Defining this emerging Product-Led Sales role
Alexa Grabell
November 9, 2021
Product-Led Sales (PLS) AMA: Oran Akron + Tom Ronen
Product-Led Sales (PLS) AMA: Oran Akron + Tom Ronen
How monday.com scaled ARR and went upmarket
Alexa Grabell
November 2, 2021
Product-Led Sales 101 with GC Lionetti
Product-Led Sales 101 with GC Lionetti
Insights on product-led, human-led and everything in between
GC Lionetti
October 28, 2021
Community Post: The PLG Revenue Organization
Community Post: The PLG Revenue Organization
7 ways PLG will impact revenue teams
Alfie Isa Marsh
February 10, 2022
You’re intrigued or you fell asleep on your keyboard. Either way join our waitlist! 🪄