Assembla Attains Enterprise-Level Compliance

Jacek Materna on December 14, 2017

Assembla, the leader in Enterprise Cloud Version Control across SVN, Git and Perforce announced that it has successfully completed the Service Organization Control (SOC) 2 Type I audit for its world-class VCS cloud offering. Conducted by Schellman, this comprehensive audit and certification verifies Assembla’s strong security protocols and validates the company as a leading cloud version control provider.


SOC II keeps a company’s information security measures in line with today’s specific cloud requirements. As companies increasingly use the cloud to store sensitive source code, SOC II compliance is vital to organizations in a wide array of industries.

Assembla is the market leader in cloud source code management, and is continuing to produce forward-thinking, innovative cloud version control offerings. The SOC II Type I certification exhibits Assembla’s ability to constantly mature its cloud delivery, a feat not all vendors have been able to demonstrate. The audit also certifies that Assembla’s cloud security practices, policies and procedures meet SOC II’s high standards for security, availability and confidentiality. As a one-stop-shop for companies in any industry seeking robust cloud version control capabilities, Assembla achieved this certification using entirely its own cloud technologies.

“Primary barriers for companies to adopt the cloud are concerns surrounding source code security and data privacy,” said Jacek Materna, CTO of Assembla. “SOC 2 Type I certification helps assure our customers that, with Assembla, their data is secured and with an established vendor who has implemented data privacy and security controls.”

SOC II certification is part of Assembla’s multi-pronged cloud security plan. As a true SaaS company, Assembla employs a cloud-first strategy, leveraging secure data center partners that are scalable and guaranteeing all its cloud offerings have high availability, full redundancy and are completely secured.

Specifically geared toward SaaS and other technology companies with a focus on security, availability, processing integrity, confidentiality and privacy, the SOC II standard best meets the demands of the marketplace. This extensive reporting standard provides independent validation that Assembla’s internal control environment operates in accordance with the selected American Institute of Certified Public Accountants (AICPA) security and availability controls.

The SOC II certification comes at the same time that Assembla has been certified for PCI Level 3 and PrivacyShield for privacy practices and payment data security. The EU-U.S. Privacy Shield Frameworks was designed by the U.S. Department of Commerce and the European Commission to offer companies a way in which to comply with data protection requirements when transferring personal data from the European Union to the United States in support of transatlantic commerce.

For more information on Assembla’s version control capabilities, please visit