Many companies are migrating their business to the Internet, away from running software on their own servers to running applications made up of various web services running ‘in the cloud’.
However, can companies trust their cloud service providers?
A slick marketing website may mask the fact that it is a tiny start up ‘flying by the seat of the pants’ and is improperly managing, storing and protecting customers’ data.
How prepared is a cloud service provider in case a service outage happens, if they get hacked, properly securing data etc.?
Lack of formal processes and procedures may cripple your business if your cloud service provider has issues. Even more important, are these processes and procedures effective?
Developed by the American Institute of Certified Public Accountants (AICPA
), SOC 2 defines criteria for managing customer data based on five “trust service principles”—security, availability, processing integrity, confidentiality and privacy.
SOC 2 certification is issued by outside auditors.
They assess the extent to which a service provider complies with five trust principles based on the systems and processes in place specific to that service provider.
Any company who takes seriously their partnership with cloud service providers are now requiring that the provider be SOC 2 compliant.
For example, Microsoft requires us to be SOC 2 compliant in order for us to host their labs! Several other customers have the same requirement.
The importance of SOC 2 compliance.
While SOC 2 compliance isn’t a requirement for cloud service providers, its role in securing customers’ data cannot be overstated. Learn on Demand Systems will now undergo regular audits to ensure the requirements of each of the five trust principles are met and that we remain SOC 2 compliant. This compliance extends to all the services we provide.
We are one of the few, perhaps the only one, in the online lab hosting industry to have achieved SOC 2 compliance.
Interested in learning more about our products and services? Click here to schedule a meeting with one of our team members.