How do you guys explain "security & privacy" to corporate clients?

Have a meeting with a large corporate client on Monday with their IT department. They want to talk about security and data privacy.

When asked, I’ve first explained AWS security: end-to-end security and SSL encryption, as I understand it. All our user data also has strong privacy visibility.

Is there anything else I should add when asked tough questions?


This post can be useful.

While Bubble uses AWS, which is SOC2 and ISO27001 compliant, any Bubble app you build will not be. Chances are they’ll want to discuss this.

Can you elaborate?

Bubble is not enterprise-grade yet, but it’s a high priority on their roadmap.

Did they give you a questionnaire to fill out before the meeting?

SOC2 compliance is a priority for the Bubble team, but it is being pushed back. You can read April’s community update:

As mentioned last month, we are kicking off an overhaul of our network architecture and infrastructure organization with the goal of hardening our security posture and aiming for SOC2 compliance. We are shifting the focus of this work to prioritize reliability-related improvements ahead of the work that will get us to SOC2, so we may end up pushing the date back for SOC2.

You can also go through this doc to get an idea link
