Voicegain, the leading Privacy-first Voice AI platform for enterprises and AI SaaS companies, is thrilled to announce the successful completion of a System and Organizational Control (SOC) 2 Type 2 Audit performed by Johanson LLP. This achievement underscores Voicegain's ongoing commitment to the highest standards of security, availability, and confidentiality for customer data.
Developed by the American Institute of Certified Public Accountants (AICPA), the SOC 2 Information security audit provides a report on the examination of controls relevant to the trust services criteria categories covering security, availability, processing integrity, confidentiality, and privacy. Voicegain’s SOC 2 Type 2 report did not have any noted exceptions and was therefore issued with a “clean” audit opinion from Johanson LLP. The SOC 2 Type 2 certification is widely recognized as a rigorous measure of an organization’s systems and controls over an extended period.
"As a Privacy first Voice AI Platform, data protection and trust are at the heart of Voicegain. Whether you are a developer working for a startup using our APIs or a Fortune 500 enterprise user of our platform, you shouldn’t have to worry about the controls in place for your sensitive voice data. It has been close to 2 years since we embarked on our SOC 2 Type 1 journey and I am really proud of what our team has accomplished. We look forward to providing businesses worldwide with Voice AI solutions that deliver true peace of mind when it comes to security and compliance" said Dr Jacek Jarmulak, Co-founder, CTO & CISO Of Voicegain.
What Is SOC2 Type 2?
Service Organization Control 2(SOC2) is a set of criteria established by the American Institute of Certified Public Accountants (AICPA) to assess controls relevant to the security, availability, and processing integrity of the systems a service organization uses to process users’ data and the confidentiality and privacy of the information processed by these systems. SOC 2 compliance is important for Voice AI platforms like Voicegain, as it demonstrates that we have implemented controls to safeguard users’ data.
There are two types of SOC 2 compliance:
- SOC 2 Type 1: Validates that an organization has established appropriate controls at a specific point in time. Voicegain's successful audit established this as of Jul 14 2023.
- SOC 2 Type 2: Confirms that an organization has maintained and operated those controls over a period of time, typically 6 to 12 months. Voicegain's latest report covers this for the period July 2024 to Jan 2025.
Implications for Voicegain Users
From a functional standpoint, achieving SOC 2 Type 2 compliance doesn’t change anything. Our APIs and Apps will work exactly as they always have and as expected. However SOC 2 Type 2 compliance means that we have established a set of controls and processes to ensure the security of our users’ data. This compliance demonstrates that we have the necessary measures in place to protect sensitive information from unauthorized access and disclosure.
What’s Next? Increasing the Maturity of our security process
Our commitment to security doesn’t end with SOC 2 Type 2. We are looking forward to increasing the maturity of the entire security process. This includes the following:
- Establishing a Continuous Security Monitoring Program
- Tools and processes for ongoing detection and response (SIEM, SOC, endpoint protection).
- Developing an Incident Response and Business Continuity Culture
- Regular tabletop exercises, disaster recovery drills, and documented processes.
- Hardening Third-Party Risk Management
- Vendor risk assessments, contract language, and ongoing monitoring of partners’ security posture.
- Security Awareness and Training
- Regular phishing simulations, role-based security training, and compliance training to ensure staff remain vigilant.
- Adopting a “Privacy by Design” Mindset
- Integrate privacy considerations early in every new product or feature development cycle.
"We understand that in today's fast moving industry landscape, data security is non-negotiable," added Arun Santhebennur, Co-founder & CEO of Voicegain. "By achieving SOC 2 Type 2 compliance, we aim to set a high watermark in the Voice AI market. Our customers can have full confidence that their sensitive information is protected throughout its lifecycle."
To request a copy of our SOC 2 Type 2 report, please email security.it@voicegain.ai