Trust, But Verify

Your fellow farmers and ranchers can probably tell you a lot about how they use an app and what features work well for their use cases but what about the nitty gritty tech details that they may not be experts in?  Encryption, backups, data durability, disaster recovery plans... these things matter too!

Strong foundations

Let's start with the basics.  Trust is built on transparency.  If we're not telling you what's going on, how are you supposed to know?  Everybody likes publishing announcements of new features, but it's also important to notify customers when things aren't going as smoothly.  We started doing this back in 2019 and are encouraged to see others in the industry starting to follow our lead.

In addition to external transparency, internal controls need to be in place to ensure that only the appropriate staff have access to the systems and data that impact your farm.  Building trust in our internal processes leans heavily on the "but verify" part.  This is tricky for a lot of reasons -- we have complex security systems and infrastructure.  We have many policies guiding our employees in the correct handling of your data.  You may not have the background to check that yourself, and you certainly don't have the time.

Don't just take our word for it

Even though you may not be able to check everything for yourself, you still shouldn't have to blindly trust what any service provider (even an award-winning service provider like FieldClock!) tells you.  Getting a trusted third party's opinion is the best option.

FieldClock has long maintained solid security and data handling practices and we are pleased to say you don't have to take our word for it.  Since last year our systems have been continuously monitored so that an independent auditor could assess our policies and procedures and attest our security.

I am proud to let you know that our auditor found no skeletons in the closet and that FieldClock is officially SOC 2 Type 2 compliant!

What the SOC?

"SOC" is a security framework created by the American Institute of Certified Public Accountants.  The purpose the SOC framework is to provide a standard way of auditing service providers' assertions about their systems.  It may not be obvious what this means, so I'll give you a practical example.

Employers generally need to keep records for some time (often years!) after an employee's last paycheck.  If your data is housed on a single server and that server crashes, what happens to that data?  In a robust system, that data is backed-up to a different geographic location and that backup is periodically tested to verify that it can be restored successfully.  FieldClock has had detailed policies for creating and testing backups for some time.  The importance of the SOC 2 audit is that an independent third party has inspected our processes and verified that we are doing what we say we are doing. 

This isn't limited to backups.  Our auditor checked dozens of controls related to security, availability, and confidentiality so that you can rest easy knowing that FieldClock is doing exactly what we say.

Trust, verified!

In keeping with the foundation of transparency, we are publishing various materials related to our SOC 2 status as well as general security and privacy documentation in our Trust Center for our current and future clients to review. 

Our Trust Center is yet another FieldClock benefit that was designed for the needs of enterprise farming operations but made available to every farm and ranch.  You keep farming, and we'll keep pushing the state of ag-tech forward.

-josh