InVision Achieves SOC 2 Type 1 Examination and PCI Compliance

We’re excited to share with you today that we have successfully completed a Service Organization Controls (SOC) 2 Type 1 examination related to the Security principle of the American Institute of Certified Public Accountants (AICPA) Trust Services Principles (TSPs). The third-party examination, completed by Schellman & Company, Inc., covered the design and effectiveness of Opower’s data security controls over the Enterprise and private cloud offerings of InVision’s award-winning design collaboration platform.

The SOC 2 examination attests to the effectiveness of controls a company has in place that relates to the trust principles of security, privacy, confidentiality, availability and processing integrity. We are committed to delivering the highest level of service to our customers. Completion of the SOC 2 Type 1 gives our more than 2 million users the assurance that we have established processes and practices that are designed and focused on protecting and securing our customer data with industry best practices and world leading security technologies and tools.

Additionally, we are proud to announce we have achieved compliance with the Payment Card Industry Data Security Standard (PCI DSS) version 3.1 for projects.invisionapp.com.

PCI DSS 3.1 is a stringent standard of technical and operational requirements set by the PCI Security Standards (PCI SSC) to protect cardholder data. The standards apply to all organizations that store, process or transmit cardholder data. The standard consists of 12 requirements focused on securing your network, system, application and environment against threats, vulnerabilities and compromise.

By exceeding the expectations and requirements of SOC and PCI, we endeavor to hold ourselves to the highest standards. We are committed to improving the lives of designers everywhere and by enhancing our security, we are putting the protection of our customers – and their data – above all else.