Products

SurveyMonkey is built to handle every use case and need. Explore our product to learn how SurveyMonkey can work for you.

Get data-driven insights from a global leader in online surveys.

Explore core features and advanced tools in one powerful platform.

Build and customise online forms to collect info and payments.

Integrate with 100+ apps and plug-ins to get more done.

Purpose-built solutions for all of your market research needs.

Create better surveys and spot insights quickly with built-in AI.

Templates

Measure customer satisfaction and loyalty for your business.

Learn what makes customers happy and turn them into advocates.

Get actionable insights to improve the user experience.

Collect contact information from prospects, invitees, and more.

Easily collect and track RSVPs for your next event.

Find out what attendees want so that you can improve your next event.

Uncover insights to boost engagement and drive better results.

Get feedback from your attendees so you can run better meetings.

Use peer feedback to help improve employee performance.

Create better courses and improve teaching methods.

Learn how students rate the course material and its presentation.

Find out what your customers think about your new product ideas.

Resources

Best practices for using surveys and survey data

Our blog about surveys, tips for business, and more.

Tutorials and how to guides for using SurveyMonkey.

How top brands drive growth with SurveyMonkey.

Contact SalesLog in
Contact SalesLog in

How SurveyMonkey securely manages customer data

How SurveyMonkey securely manages customer data

One of the many things that businesses have begun to appreciate during this pandemic is the power that technology has to enable employees to work fully remote. As former SurveyMonkey CIO Eric Johnson wrote, the pandemic has led IT to completely rethink business operations. However, remote work and digital transformation due to the pandemic have also increased the average total cost of a data breach in business. According to IBM’s study of 537 data breaches across 17 countries, the average cost was $1.07 million higher in breaches where remote work was a factor in causing the breach, compared to those where remote work was not a factor. 

Industry standards such as System and Organization Controls (SOC) for Service Organizations reports  developed by the American Institute of Certified Public Accountants (AICPA), are designed to provide customers with peace of mind around how their vendors manage and process data. SOC 2 is an independent auditing procedure that provides assurance about the systems and processes that a service organization uses to process customer data and the confidentiality and privacy of the information being processed. SurveyMonkey recently achieved SOC 2 Type 2 certification, adding to our existing ISO 27001 certification

Achieving SOC 2 Type 2 certification is a significant effort and it demonstrates to our customers that we have an established process on securely managing data and running a world-class security program.

Three trust service principles fall under the SOC 2 criteria for managing customer data: security, availability, and confidentiality. 

  • Security refers to how the service organization protects system resources against unauthorized access. 
  • Availability demonstrates how the service organization ensures system or service availability as stipulated by a contract or service-level agreement.
  • Confidentiality ensures that data is restricted to a specific set of persons or organizations and encrypted to protect the data during transmission.

At SurveyMonkey, we take our responsibility to protect and secure your enterprise information seriously. Security is built-in across our products, infrastructure, and processes. 

We use encryption, access control, and need-to-know processes to ensure proper handling of customer data throughout its lifecycle. Our global Trust & Security team works around the clock to monitor and manage our security posture. They are responsible for security compliance, education, operations, and incident response. 

Data resides on our infrastructure, which is hosted and managed on public clouds. We select public cloud vendors that demonstrate and adhere to rigorous data protection processes. In addition, we perform rigorous security testing and maintain security incident response policies. These processes help us to adhere to 99.9% uptime of our web services. 

One of our most important security strategies is to comply with and expand coverage of the industry regulations that matter to businesses. In addition to our SOC 2 Type 2 certification, we work with multiple third-parties to audit and certify our products with ISO 27001, PCI DSS 3.2, and more. 

View our Security Statement for more details about how we protect data for both our enterprise and individual customers.