Feature Request: Public Security Audits for Greater Transparency
As someone who relies on MySudo, I care deeply about how my information is protected. Security is important to me, and while I appreciate MySudo’s focus on privacy, I believe there is one area where more openness would build even stronger trust: independent third party security audits.
Why I Am Asking
In today’s digital world, security practices can change quickly as systems evolve and new risks emerge. Because of that, I think it is reasonable for clients to expect regular, verified updates from the companies that handle their data.
For me, the most meaningful proof would be:
- Independent third party certifications such as a System and Organization Controls Two report or an International Organization for Standardization 27001 certification.
- Clear information on encryption standards, both for data in transit and at rest.
- Third party penetration testing, with high-level summaries of results.
- A transparency report that outlines government data requests and incident response processes.
Why Third Party Audits Matter
A yearly third party audit provides reassurance that a company’s security claims are not only self-assessed but also independently verified. It shows an ongoing commitment to accountability, and it gives clients like me confidence that privacy is not just a promise but a practice that is regularly tested.
My Request to MySudo
I am asking MySudo to consider publishing yearly independent third party audit results, along with a summary of the encryption standards and testing processes that protect users.
I believe this step would strengthen trust, demonstrate leadership in privacy and security, and provide clients with the confidence that MySudo is consistently verifying its practices through independent experts.