Internal Security
Standard Metrics is SOC 2 type II and GDPR compliant
Our security and data privacy processes have been independently assessed by third party firms in accordance with SOC 2 Type II and GDPR to ensure our operations uphold industry standards and best practices.
Standard Metrics does not store credentials
Our system integrates with data providers and never stores your login credentials. We evaluate every provider we use to ensure they meet our high standards of trust and security before implementation.
Data is stored securely
Your data is protected at rest by 256-bit encryption and protected by TLS/HTTPS in transit. If we suspect any suspicious activity on your account, we’ll alert you as soon as possible.
Access to Standard Metrics is secure
All access to Standard Metrics is over a secure (256-bit SSL encrypted) connection.
Employee Security
All employees are required to participate in security training. We enforce a number of internal polices to ensure that our employees follow best practices with respect to data access, passwords, and other information security measures. Access to customer data is only granted to those who need access to fulfill their job duties.
Product Security
Sign-in and account access
Standard Metrics uses passwordless authentication, via Google, Microsoft, or Stytch. We don’t store passwords and enable 2FA via these providers.
Control visibility and user access levels
CEOs and founders control who has visibility into their company data on Standard Metrics, and all new company members require access approval.
Do you have more security questions?
If you have specific questions or concerns about our security practices, please contact us.