Security at Haystack

Security and trust are the foundation of everything we build—but you don't have to take our word for it. We meet industry-accepted security standards so you can rest assured that your most sensitive data is protected. We also undergo regular third-party security reviews and penetration testing to ensure our customers can always rely on Haystack.
SOC-2 Type 1
A report on a Haystack's system and the suitability of the design of controls at a point in time.
SOC-2 Type 2
A report on a Haystack's system and the suitability of the design of controls over a six month period.
ISO 27001
ISO/IEC 27001 is an international standard on how to manage information security.

Why Organizations Trust Haystack

Haystack is the culture hub, people connector, and source of truth for organizational knowledge—and that means availability and privacy are crucial. That's why we've been dedicated to building a strong foundation of security and reliability since day one.

Data Encryption
Data is encrypted in-transit and at rest to provide steadfast protection.
Single Sign-On (SSO)
SSO allows you to authenticate users in your own systems without requiring them to enter additional credentials.
Data Permissions & Authentication
Access to our data is limited to authorized employees who require it for their job and data access is logged.
Incident Response
Security breaches will be communicated within 48 hours, and vulnerabilities are fixed ASAP.
Secure Software Development
Haystack utilizes a variety of data security and vulnerability checks throughout the development lifecycle.
Penetration Tests
Haystack works with industry leading security firms to perform regular penetration tests.
Employee Trainings
Security is a company-wide endeavor. All employees complete an annual security training program.
Security Team
Haystack employs staff responsible for reviewing, testing and maintaining platform security and privacy.