Chartbeat upgrades data security with Single Sign-On, SOC2 compliance
When our customers think about Chartbeat, they often picture real-time dashboards or optimization tools. But underneath it all, we also know that you rely on us for our ability to safely secure your data. Being entrusted with customers’ data is a responsibility that our entire team takes extraordinarily seriously. Today, I’m excited to announce two major milestones in improving Chartbeat’s security posture: We have achieved SOC2 compliance and are announcing the general availability of Single Sign-On authentication.
Chartbeat is now SOC2 compliant
Chartbeat has had strong security policies since our earliest days. In the modern security and compliance landscape, we felt it was important to prove to ourselves and our customers that our security policies follow industry best practices. In 2020, we began preparing to conduct annual SOC2 compliance audits, and today we can proudly announce that we have completed our first audit and achieved SOC2 compliance.
Many companies view compliance as a checkbox, but myself, Deepthi Gandhi (VP Engineering), and Heather Leonard (Head of People and Culture) wanted to use the process of becoming SOC2 audited to think deeply about how we work. We made countless improvements to our team’s operations, including:
- Introducing a significantly expanded third-party penetration testing and vulnerability scanning program to identify and remediate security issues
- Revamping our code review and approval process
- Expanding and improving many of our employee policies
In addition to making Chartbeat more secure, we’re confident that SOC2 has made us a stronger and more nimble company.
If you’re interested in learning more about our SOC2 compliance or if you’d like to review our SOC2 report, please contact your Customer Success Manager.
New Feature: Log in to Chartbeat with Single-Sign On
Chartbeat’s mission is to democratize data. Since the beginning, we’ve been focused on making products that are usable by every member of an organization, not just a few analytics professionals. That focus on usability means that many of our customers want Chartbeat in the hands of nearly every employee — often hundreds or thousands of users. Managing accounts for each of those users can be an administrative challenge, as employees may start, change roles, or depart at any time.
To face that challenge head on, we’re officially announcing the general availability of Single Sign-On (SSO). During our beta program, we have had thousands of users authenticate with SSO each day. Along the way, we’ve learned an enormous amount and released a number of features to make managing and rolling out SSO easier. The current features include:
- Support for all leading Identity Providers — including internally-built systems —via SAML2.0 support, so all companies can leverage SSO for authentication.
- Automatic user provisioning and deprovisioning using the industry standard SCIM protocol, so your team does not need to manually create or delete accounts when employees join or leave.
- Support for SSO to be set in either “optional” or “required” mode so that organizations can manage incremental SSO rollouts at their own pace.
- Easy export of each user’s SSO authentication status to allow teams to track the rollout of SSO.
We’re excited to introduce these features to your teams and to hear your feedback.
As a final note: While many companies choose to put SSO support inside of their “Premium” tier, we firmly believe that security is critical for organizations regardless of their interest in our various subscription plans. To enable customers of any size and with any feature requirements to access SSO, we’re releasing SSO support as an add-on module for customers in any tier. To find out more about purchasing SSO, contact your Customer Success Manager or reach out at firstname.lastname@example.org.