Asana Announces Completion of SOC 2 Type I Audit Certification

September 11, 2018

SAN FRANCISCO--(BUSINESS WIRE)--Sep 11, 2018--Asana, the fastest-growing Work Management app for teams, today announced it has successfully completed its Service Organization Control (SOC) 2 Type 1 certification.

Additionally, the Company is certified under and complies with the EU-US and Swiss-US Privacy Shield framework, each of which require Asana to maintain certain safeguards for personal data transferred to the United States.

“Keeping our customers’ data safe and secure is our highest priority,” said Manoj Kasichainula, head of security at Asana. “Our aim is to enable teams to work together effortlessly, and our recent certifications show our ongoing commitment to protect our customers’ data so they can focus on the most important work for their businesses.”

Developed by the American Institute of Certified Public Accountants (AICPA), SOC 2 certification is widely recognized as a gold standard for data security and requires companies to establish and follow strict information security policies and procedures. By achieving Type 1 certification, an independent third party has validated the design of Asana’s controls relevant to security, availability, and confidentiality. Asana’s Type 1 certification demonstrates their commitment to data security through the practices and procedures it follows for protecting against unauthorized access, maintaining the availability of its service, and protecting the confidential information of its customers.

GDPR, EU-US and Swiss-US Privacy Shield Frameworks

With a fast-growing customer base in Europe, Asana has also remained focused on the security and compliance requirements in the European Union and beyond. Asana remains committed to complying with its obligations under the GDPR, has established a comprehensive and ongoing compliance program, and is committed to partnering with its customers and vendors to help them in their GDPR compliance efforts. Asana also complies with and certifies under both the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Frameworks, which provide a legal mechanism for the transfer data from the EU to other countries that do not have a similar data protection framework.

New Enterprise Controls and Security

For larger companies who use Asana, tight control over users, apps, and data is critical. As part of the company’s focus on security, the team is continuing to build and improve on administrative controls for its customers.

Enterprise admins have long been able to manage Asana usage with service accounts, automatic user provisioning and deprovisioning (SCIM), and SAML. Asana also provides advanced security controls like data export, data deletion, encryption at rest, and cross-regional backups.

New features include ability to:

Lock down apps - Control which apps or integrations have access to Asana data. Admins can create a list of apps that are authorized for use with Asana, and prevent users from connecting other apps. Control guest invites. Restrict who is authorized to invite guests into a domain, and remove anyone who no longer needs access, to keep company data safe.

To learn more about Asana security policies and initiatives, visit its security page or read their security update blog post.

About Asana

Asana makes teams and organizations more efficient by helping them manage and coordinate their work. Headquartered in San Francisco, CA, Asana has more than 35,000 paying organizations and millions of users across 192 countries. Customers such as AB-InBev, Airbnb, Icelandair, NASA, National Geographic, Navy Federal Credit Union, Seattle’s Children Hospital, Viessmann Group, and Uber use Asana to manage everything from marketing campaigns to product launches to team goals.

View source version on businesswire.com:https://www.businesswire.com/news/home/20180911005265/en/

CONTACT: for Asana

Rachel Struxness





Copyright Business Wire 2018.

PUB: 09/11/2018 10:00 AM/DISC: 09/11/2018 10:01 AM


Update hourly