hi
my company is asking me if KM is Soc2 compliant and/or how does it manage user data. Is there a place I can get this info?
I tried to search for soc2 in the search bar but couldn't find anything here nor on the site.
Thanks!
SOC 2 compliance is about how you handle cloud-stored/processed data. KM-the-app is not an issue (unless they specifically mean data about your purchase of KM, which I doubt!).
How you use KM might be. Write a macro that uploads a bunch of customer data to your corporate SOC 2-compliant storage is good, but one that uploads the same to a public web site would be Very Bad.
Stress to them that KM is a locally-run program, not a cloud service. Asking if KM is SOC 2 compliant is the same as asking if Microsoft Word 2019 is -- the answer is "SOC 2 does not apply here". Compare that with the cloud-integrated Office 365's Word, which is compliant.
1 Like